The Digital Cash Register: a Comprehensive Layout for Cyber Banking and Digital Coins

ABSTRACT

This invention describes a new financial language which cures a deficiency sustained by money when it became computer handled: money lost its identity and became a number, as compared with banknotes and physical coins which had a material identity. The new language writes digital coin such that they have value and identity fused together. This new language allows for restoration of the old notion of the cash register. This invention describes a digital cash register offering operational advantages as to clarity, security and accountability.

Introduction: Before computers banks and merchants kept a cash registerwith the actual money, and separately they ran ledgers and accountingbooks, to monitor, track, and analyze their financial situation. Whencomputers came along they wiped out the cash register because by andlarge, the accounting statements reflected money value. It wasconvenient in a way, but it also made fraud, and abuse easier. And whenthe specter of digital cash splashed big, the prevailing idea ofexpressing money in accounting books could not cope. It is thereforetime to return to the old trusted regimen: one cash register and severalaccounting statements. BitMint Financial Language was developed to builda cash register fitting for cyberspace. This cash register is filledwith BitMint coins, which are digital entities that represent money perse: they have a value and an identity, like the dollar bill that has adefinite value and a definite identity (serial number). And because theBitMint coin is digital, it can be readily handled with cryptographictools and do a range of things old cash could not. The collection ofBitMint coins is the digital cash register. Based on its contentsfinancial institutions run all sorts of accounting and analyses. TheBitMint coin comprises payload—the actual money, and a capsule to holdthe payload. The capsule without the payload is used for accountingpurposes—it is not money. We envision financial institutions managing acentral cash register projecting to various accounting databases, orstashing the money is an array of distributed cash registers, eachserving a local community. Pre computer banks gave cash money tocustomers. These banknotes circulated in public, and eventually werereturned to the bank. Cyber banks will do the same: give BitMint coinsto customers; these coins will circulate in public (using blockchain andother technology), and eventually be redeemed at the bank. Beingcryptographically managed these BitMint coins will be able to functionlike “cruise missiles” following an accurate pathway, accomplishingexactly what their payor intended. This new BitMint Financial Languagemerges the new entity—the digital coin, with a new format for handlingmoney in financial institutions: stashing money is digital cashregisters. It is where the money is, it where it is guarded, and fromwhere it is distributed to the public to accomplish the ever increasingnumber of creative operations which are native to cyber entities. Moneyflow is the blood flow of society—BitMint Financial Language clears thearteries and pumps the money more effectively, for a healthy thrivingsociety.

BRIEF EXPLANATION OF THE DRAWINGS FIG. 1: BitMinting Money

This figure shows how a nominal financial statement, FS, regarding avalue X, designated as X_(N), and expressed as a combination oftransactional attributes TA and a value designation FSV is taken up by aBitMint financial language converter or translator to create a matchingfinancial statement written in the BitMint Financial Language,designated as X_(BM), and expressed as a bit string composed of thetransactional attributes TA, the coin or minting attributes MA, and thepayload. The MA includes the value function Vf that specifies the valueof each bit in the payload, such that the total amount resulting fromsummarizing the values of the payload bits is X—the FSV.

FIG. 2 Internal BitMint Money

This figure depicts the dynamics of a financial institute thatinternally uses the BitMint Financial Language but is communicating bothways with other financial institutions that are still using the oldsystem. Financial statement written as X_(N) comprising TA and FSV isfed into the BitMint practicing FI and translated into the BitMintformat, written as X_(BM) as indicated in FIG. 1. In this BitMint themoney is handled internally in the BitMint Financial Language practicingFI, but when communicating to a receiver of the financial statement, theFI translates it back to the X_(N) nominal form.

FIG. 3 BitMinter

This figure shows how a financial statement, FS is processed to generatea matching BitMint coin, BMC. The FS is taken up the operation controlsoftware. It determines how to translate the value of the statement,FSV, to a combination of a choice of n bits, with n value functions v(i)for i=1,2, . . . n so that the value of the payload will be exactly FSV.Once it is determined the operation control software invokes therandomizer, designated as “R” and the randomizer provides n randomidentities to the n bits of the payload. The control software combinesthe TA with minting attributes MA (including the value functions) andthe payload, generating the BitMint coin, BMC, and releasing it to theconsumer of the conversion. An image of the BMC is added to the coinlogger.

FIG. 4 rBitMinter

This figure shows the reverse of the operation depicted in FIG. 3. itshows the BMC picked up by the operation control. The value is read fromthe BMC, and then rewritten as a plain number attached to the TA gleanedfrom the BMC. The result is a standard way to represent a financialstatement. The operation control will then update the status of thatcoin on the coin logger, to indicate that this coin “died” in theBitMint sphere. It is alive in the normal sphere. The converted coin maybe a split of an originally minted coin, and in that case only thepayload bits carried by this split will be marked as “dead”.

FIG. 5 BitMint Bottom Up Implementation

This figure shows various implementation options. In part (a) the blackcircle designates a financial institution practicing the BitMintFinancial Language, surrounded by other FI who still use the old way.There exists perfect harmony, the practicing FI keeps the BitMintdigital coin for internal handling only. In part (b) of the drawing aconversation is depicted through a dotted line between two FIs whereeach is practicing the BitMint Financial Language but they do soindependently, so they accept each other digital coins and eventuallyreconcile their account every so often. Each FI translates the incomingBitMint digital coin to the format it uses internally. In part (c) ofthe figure one observes two FI's that practice BitMint FinancialLanguage in a joint fashion, where a single mint is generating the coinsfor both FIs, and the two financial institutes honor each other coins.The transmission between these two cooperating FIs is done in theBitMint format. However either one of the two cooperating FIs willcommunicate to non participating FIs the way described in FIG. 4—so thenon practicing FIs are not disturbed by the internal financial languageused by the two practicing FIs. This mode will allow for gradualacceptance of the new financial language. As more and more FIs realizethe benefits from the new financial language they will opt to join andshare the mint, while the rest, still not participating FIs are notdistrubed. The joining can proceed at any desired speed while thefinancial system as a whole is operating smoothly. In section (d) thereare three levels d1, d2, and d3 showing how the network of communicatingfinancial institutions are gradually and without ‘waves’ turning to thenew financial language. In (d3) a majority of FIs (indicated as blackcircles while the non participating FI's are depicted as clear circles)are shown as having converted to the joint mint and the new financiallanguage.

FIG. 6: Cascaded BitMint Coins

This figure shows coin-0 depicted through its meta data, and 4 financialbits, where the 2nd fbit is a full fledged BitMint coin—coin-1. Thevalue of coin-0 is the sum values of FBITs: FB1, FB3, FB4 and the valueof coin-1. Coin 1, in turn, is shown per its own meta data and itpayload. The coin-1 payload is comprised of yet another BitMint digitalcoin—coin-2, along four fbits FB1, FB3, FB4, and FB5. Coin 2 is furtherdefined through its meta data and its payload, comprised of twofinancial bits FB1, and FB2, and coin-3. This layout as a whole shows acascaded arrangement of coins where a given coin serves as a financialbit inside an external coin. The figure shows a 3 level cascade, but itcould be at any desired depth. The figure shows each coin as having onlyon fbit in the form of a coin, but this is not a required limitation.There can be any number of coins comprising any payload of a BitMintcoin, whether there are also normal fbits or not.

FIG. 7: Smooth Transfer of BitMint Coins from Phone to Bank Account andin Reverse

This figure shows how a BitMint digital coin is passed around from theowner personal computing device to the owner's bank account. In bothlocations the money is written in the same format: transactionalattributes, mint attributes, and payload. A BitMint digital coin can beeither in one location or another, but not in both.

FIG. 8: Financial Institutes Share a Mint

This figure depicts three financial institutions, each with itscustomers who use personal computing devices and share BitMint digitalcoins between their account and their device. All these financialinstitutions rely on the same mint that generates coins for them fromincoming money from non participating financial institutions. The mintuses ad hoc randomizer and a shared coin logger that keeps track whichcoin is alive and which coin is dead. The three financial institutionsinteract with each other using the BitMint financial language.

FIG. 9: Central Cash Register v. Distributed Cash Register

The figure shows at the upper section a bank where three depictedbranches relate to one central cash register. This central cash registerkeeps all the money from this institution. Financial status of differentaccounts is communicated through the capsule-only version of theinstitute money. Each of the depicted branches serves its own customerswho use personal computing devices to store financial coins. Thesecustomers will freely shift money from and to their personal devices toand from their personal account in the financial institute. While theirmoney is in their account with the institute it is effectively stored inthe central cash register. In the lower section of the figure adistributed cash register array is shown. In this embodiment, eachchapter of the bank is using its own chapter specific cash register. Thecustomers of each chapter will freely shift money to and from theirpersonal computing device and their account with the institutions. Whentheir money is in their account, it is effectively in the cash registerassociated with their bank chapter. The distributed mode offers paymentcontinuity under adverse conditions when communications between thechapters and the chapters and the central cash register is not workingwell.

FIG. 10—Detachable Cash Register Subsystem

This figure shows a detachable physical device functioning as a cashregister subsystem (CRSS). It shows an external box where the elementsare housed. Part a shows a physical port through which the CRSS connectto the computing system is serves. It can also connect through the“air”, using say a local blue tooth configuration, or NFC. Communicationmay be via the Internet, as well. (c). Part d is the part that managesthe payload, represented by the colored rectangle marked PL. It acceptsBitMint digital coins and pays them out as necessary.

FIG. 11: BitMint Emulates the Cash Register

This figure highlights the similarity between the old financial systemwhere money was kept in a secure cash register, while accounting wascarried out via various accounting books. In the reconstruction of thisconfiguration for cyber space, the digital cash register is the placewhere all the money is kept. The only copies of the money itself is donefor strict recovery purposes, usually off line. In a functional sensethe money per se is only kept in the cash register, only there thevarious coins are kept with their full payload marked. That is exactlyas it was in the old days. All banknotes and physical coins weresafeguarded in the cash register, while accounting was done outside thecash register. In the modern version the accounting is done via thecapsule only version of the coin, namely the coins with the payload notmarked. So these are just accounting images of the money, not the moneyitself. The various accounting function in the bank are depicted as anarray of “A” marked entities feeding off the central BitMint coinregister, which in turn is associated with a coin logger used to insureno fake coins are accepted, and no double payment occurs.

DETAILED DESCRIPTION OF THE INVENTION BitMint Financial Language

We define a normal statement of computer-expressed money as a series ofmoney attributes related to a memory location in which a number iswritten, representing the amount of money involved. For example:

Normal Computerized Money Statement=[Attributes: Owner name, accountnumber, currency, terms . . . ][memory location ML]

where software is reading the contents of memory location ML, and thatcontents is a number, say 5000.00

We now define an operation named “BitMinting” in which the contents ofthe memory location of the money statement is replaced with the samemoney value but represented in the BitMint language format. Wedistinguish between the Basic BitMinting format and the CompleteBitMinting Format.

Here is the format of the basic BitMinting format:

BitMint Money Statement: [Normal Attributes][BitMint Attributes][astring of n bits of randomized identities]

The BitMint Attributes include at a minimum a value function, Vf, whichindicates the value v(i) of each of the n bits (i=1,2, . . . n) suchthat:

Σv(i)=[The number written in ML in the normal format]

So if the contents of ML=5000.00, then the BitMinted format may be anyof various options, for example:

Option 1: v(i)=5.00, for i=1,2, . . . n, where n=1000

Option 2: v(i)=500, for i=1,2, . . . n where n=10. In that case the nbits string will be any combination selected among the 2¹⁰ possiblecombinations. For example: 1001110001, 0010010011, 1110110111,0000101001, . . . .

This BitMint format of a money statement is referred to as a BitMintcoin.

The relationship between the normal format to the BitMint format isone-to-many; and the reverse relationship is many-to-one. Namely given amoney statement written in the BitMint way, it can be back translated tothe normal format without equivocation.

It is therefore possible to convert any normal money statement to one ofmany possible BitMint formats. Or say, a money institution may convertits entire money database to BitMint format.

The BitMint format carries no less information than the normal format,so no disadvantage is presenting itself as a result of the conversion offormat. On the other hand this change of format offer the typicalBitMint advantages.

A financial institution may decide to convert its internal moneystatements to the BitMint format and do so without impacting relatedfinancial institutions that interact with it for payments. The otherfinancial institutions, FIs, will not be aware of any internal change inthe money language.

Two or more financial institutions may opt to jointly use the BitMintformat for joint advantages.

Ahead we discuss the advantages and the particulars of internalconversion to BitMint format, as well as advantages and particulars ofthe joint conversion. We also present additional formats

The use of BitMint Financial Language in a financial institution iscentered around the revived concept of the cash register. The new cashregister is digital, it houses the money per se. The BitMint moneyformat returns the notion of identity of money. In class computerhandling of money, the identity of money (so clear for physical money)was lost, and money became an identityless number. It is a source ofconfusion, errors, theft and abuse. The identify bearing BitMint coinscan then be assembled in a place (physical or virtual) which is beingreferred to as the digital cash register.

The process of building a bit string that amounts of a BitMint digitalcoin is called minting. The mint is the setup that is used to generatesBitMint coins.

A Financial Institution, FI, deploying the BitMint language format willhave a digital cash register, also referred to as the financial database (FDB). The FI will be operated on through (i) the BitMinter,(BMTR), and through (ii) the BitMint coin log (BML) also referred to asthe “BitMint coin logger”, as well as through (iii) the ReverseBitMinter (rBitMinter).

Every financial transaction wherein money is coming into the digitalcash register is first processed by the BitMinter. The output of theBitMinter is a money statement in the BitMint format, this statementthen is added to the database, while an image of the respective BitMintcoin is communicated to the BitMint coin logger.

Every financial transaction wherein money is going from the cashregister to a recipient not using the BitMint Financial Language, isfirst processed by the reverse BitMinter (rBitMinter). The output of thereverse BitMinter is a normal money statement that is passed to thereceiving FI.

In summary:

Incoming money: [normal money statement]→[BitMinter]→[BitMintcoin]→[Cash Register]

Outgoing money: [Cash Register]→[BitMint digitalcoin]→[rBitMinter]→[normal money statement]

This creates a protocol wherein the BitMint money format is usedinternally by the FI, without engaging its corresponding FIs, since theysubmit a normal format for money and they receive a normal format formoney. Any incoming money is converted to BitMint format, and resides asa BitMint coin in the cash register, and any BitMint coin from the cashregister is converted to normal format before it is passed to thereceiving FI.

Nomenclature: normal expression of a financial statement of value X willbe written as X_(N). The same value written in the BitMint language willbe written as X_(BM). A BitMint coin is comprised of the coin payload,written as X_(PL), and the attributes of all sorts, headers andtrailers, etc are all regarded as the “capsule” of the coin (that housesthe payload), and written as X_(capsule). The capsule represents themeta data of the coin. The BitMint coin is comprised of the payload andthe meta data (the capsule).

We can write:

X _(BM) =X _(capsule) +X _(PL)

Ahead we describe the BitMinter and the rBitMinter, then we advance tointernal transactions

The BitMinter

The BitMinter is comprised of: (i) operation control, (ii) randomizer,and (iii) Coin Logger. In summary the BitMinter takes in a normallywritten money statement, and converts it to be written in the BitMintfinancial language. It does so by invoking a source of randomness—arandomizer, to form the BitMinted coin, and making a record of this coinin the the BitMint coin logger.

The incoming financial statement relates to some value X and written inthe normal format as X_(N) is then mapped to a BitMint format bydeciding on a number n of bits, and respective valuation indicators forevery bit, v(i) for i=1,2, . . . n such that:

Σv(i)=X . . . for i=1,2, . . . n

There are infinite possible combinations of the values of n, v(1), v(2),. . . v(n) to satisfy the above BitMint value mapping. There are variousconsiderations to guide this choice. These considerations are weighed bythe BitMinter software that operates the BitMint mapping. Once n and thev(i) value are decided, the BitMinter will invoke the randomizer torequest randomized identities for the n bits that specify the to beformed BitMint coin. When those n identities are provided, the BitMinterbuilds the BitMint coin comprised of a “payload”—the string of n bits,and of coin attributes featuring the identity of the BitMinter, a uniquecoin id, any terms of use, the specification of the v(i) values fori=1,2 . . . n, and any cryptographic or other parameters and attributesrelevant for the minted BitMint coin. The attributes section isconcatenated with the payload, some administrative header and trailermay be attached (concatenated) at both ends, and the result is issuedout of the BitMinter as a BitMint coin of value X. All the parts of theBitMint coin except the payload are referred to as the coin capsule.

Schematically this operation is described as follows:

[FS: Financial Statement]→[BMC: BitMint coin], [coin logger updated withBMC image]

In greater detail:

[TA, FSV]→[TA][MA][payload], [coin logger updated with BMC image]

BMC—is the BitMint coin, FS—financial statement, TA—transactionalattributes of the financial statement, MA—mint attributes of the mintedBMC. FSV—financial statement value.

Given the financial statement the BitMinter software will determine themany degrees of freedom for bitmintization. Namely the number of payloadbits and the distribution of values across these bits so that their sumwill be equal to the FSV. The process has a sensitivestep—randomization. If this step is compromised then the minted coinsare in danger of fraud and abuse.

Payload Choice

One wishes to BitMintize a value X. One then asks, what is the desiredresolution for this coin, namely what is the lowest amount of money, l,that one may wish to split out of this coin. And also, what is thesmallest value difference, d, between two splits of the same coin, d.Namely one could split a coin of value Y<X, so that the next highervalue Z will not be smaller than Y+d: Z>Y+d.

Let m be the smallets value between l and d: m=(l, d)_(min).

One will then divide X by m: r*=(X/m). Let r be the smallest integerlarger than r*. By constructing the payload from r bits, where each bitis of the same value of v=(X/r), the BitMinter will satisfy the basicrequirement of the BMC (BitMint coin):

This is the referred to as the simple coin construction.

Illustration: let X=$4925.00, and l=$1.00, while d=$0.01, then m=0.01,and r*=(4925/0.01)=492500, and r=492,500. The respective payload will becomprised of about half a million randomized bits.

For situations where X is very large and m very small the value of r maybe very large and a burden to handle. In these cases alternativeconstructions will be entertained. At times a coin has a clear expectedpayment regimen. This regimen could influence the choice of the coinparameters.

Generic Reduction of Payload Size

There are various methods for generic reduction of payload size. Wediscuss the following: (i) expected payments method, (ii) Repeat cutmethod.

Expected Payments Method

Let a coin of value X be expected to be parceled out to q₁ payments thatexact multiples of a value v₁, and q₂ additional payments that aremultiples of of a value v₂, and so on for additional q_(i) additionalpayments that are multiplications of v_(i) . . . for i=1,2, . . . r. Weset it so that v_(i)≤v_(i+1). We also have:

X>9*Σq _(i) *v _(i) . . . for i=1,2, . . . n

where δ=X−9*Σq_(i)*v_(i). The constructed coin will be comprised of nbit where:

n=9*Σq _(i)+1

The multiplication by 9 is because a coin of resolution r may be of anyof the 9 values possible until the lower resolution is achieved. If oneexpect 9 payments of resolution $1.00, then such payment may end with1,2, . . . 9. e,g; 41, 42, 43, 44, 45, . . . , 49

where the first q₁ bits will be of value v₁, the next q₂ bits will be ofvalue v₂, and so on for q_(i) and v_(i) for i=1,2, . . . r, and the lastbit will be of value δ.

This arrangement will be a compromise between a very large payload andeffective high resolution for the expected payments. It may be that theexpectation for payment were not accurate, and a split is requested forwhich the current resolution cannot respond. In this case either therequested split will be denied and available resolution will be offeredinstead, or the system will exchange this coin for another coin mintedfor it, for the same value, X, but with bits at the required resolution.

Example. Let X=$4925.00. One expect 5 payments at resolution of $100, 10payments at resolution $10, 12 payments at resolution $1, 25 payments atresolution of $0.10 and 200 payments at resolution $0.01.

We compute δ:

δ=4925−9*(4*100+10*10+40*1+25*0.10÷200*0.01)=4925−(400+100+40÷2.5+2)=4925−9*516.50=$24.50

The number of bits in the constructed coin will be:

n=9*(4+10+40+25+200)+1=2512

where the first 36 bits will be of value $100 each, the next 90 bitswill be of $10 each, the next 360 bits will be of value $1.00 each, andthe next 225 bits of value $0.10 each, and the next 1800 bits of value$0.01, the last bit will of value δ=$24.50.

This construction can be compared to the simple construction where everybit is of value $0.01 to insure any payment of this resolution. In thatcase n=X/r=4925/0.01=492500 bits. The versatile construction requires afraction of 2512/492500=0.5% in payload size.

Repeat Cut Method

In this method one first determines the value of m (highest resolution).The payload size is set to n, where n can be written as n=2^(p), where pis an integer. One then cut the n payload bits in half, setting one halfto be valued m per bit. The other half is cut again to two equal halves,and one of those halves is set to 10 m value per bit. The other half iscut again to two halves, and one half is set to be valued 100 m per bit,and the other half is cut in half again. Eventually there is a singlebit that is valued 10^(p−1) m. Let the total of this setup be $T, andlet $X>$T be the value of the coin to be mintized. Let q=X/T. One willnow change n to nq, and multiply by about q the number of bits of eachdenomination.

Illustration: let m=$0.01 and let n=1024. This will result in thefollowing value assignment:

First 512 bits are valued: $0.01, total $5.12 next 256 bits are valued$0.1, total $25.6 next 128 bits are valued $1.00, total $128 next 64bits are value $10.00, total $640 next 32 bits are valued $100.00, total$3200 next 16 bits are valued $1000.00, total $16,000 next 8 bits arevalued $10,000.00, total $80,000 next 4 bits are valued $100,000, total$400,000 next 2 bits are valued $1,000,000, total $2,000,000 last bit isvalued $10,000,000, total $10,000,000.00 Total: $12,499,998.72

Let X=$1,000,000,000.00 we have q=1,000,000,000/12,499.998.25=80, sothis coin will be expressed in 80*1024=81,920 bits. The exact count ofeach denomination will be adjusted to insure that the total value of thepayload is exactly X.

Adjusting Payload to Expected Use

Imagine a BitMint coin dedicated to be used for a transit fair on atrain where all tickets cost the same: $4.35. In that case therespective BitMint coin will be a series of m bits to be paid each timethe coin holder (phone, card, etc) is submitted for payment. Each of them bits will be worth $4.35/m to insure accurate payment. Such adjustmentis possible for varying sums, as long as they are expected. It may workfor sums large and small.

Randomization

The security of the BitMint Financial Language is based on the integrityof the randomization process, so great care must be given to hackingoptions on that step. There are three main source types for randomness:(1) algorithmic randomness, AR, (2) natural complexity randomness, NCR,and (3) quantum randomness. Their desirability is in the reverse order.One must insure that the randomized value source communicates to therandomized values consumer through secure channels. Whatever the sourceof randomness it might of advantage to use a randomness filter thatremoves bit substrings in which the level of randomness is low. TheBitMinter software will invoke the randomized ad hoc, real time.

The BitMint Coin Logger

The BitMint coin logger is most secure if implemented as a write-oncephysical device with a single direction of writing. It holds BitMintcoin images, namely the entire bit expression of the coin—payload andcapsule. A time tag for entry is also recorded. In one option thelive/dead status of the payload bits is adjusted on the original coin,with the timing of the change recorded separately via a capsule onlyimage of the coin (no payload). In a second option when a coin is“killed” or part thereof is killed (removed from the system because themoney left the system), it is added sequentially to the coin logger witha status “killed”. In this case one will have to scan the logger fromthe point of initial recording to time present, to see if this coin orparts thereof were “killed”—paid, removed from the system. In theBitMint Financial Language value is expressed by the marked value ofeach bit in the payload. When the bit status is “live” it means thatthis value, this part of the coin, is live and payable, according to thecoin registered terms of payment. A bit marked ‘dead’ is so interpreted.it will not be paid again.

The write once coin logger prevents both counterfeit coins and doublepayment of a coin,

While the coin logger carries the images of all coins, it is not themoney purse. The record on the logger indicates specifically that it isan image of the coin, not the coin itself. It is though deserving of thebest security, since exposure will allow hackers to redeem fake coinsthey constructed from the data they found in the coin logger. There is atechnology that can be used to further protect the coin logger fromhackers. It is captured in U.S. Pat. No. 10,395,053.

Apart from the highly protected coin logger, one may construct a capsulelogger that would be identical to the coin logger, but missing thepayload. Capture of the capsule logger will not give the capturing onesenough data to defraud the mint.

In another version, the coin logger may be stripped of the capsule dataand one keeps only the payload data and the status (live/dead) indicatorof every bit in the payload as written in the coin logger. Each suchpayload record will be associated with only the coin id, so that thereading software will be able to associate such record from thepayload-logger with the proper capsule from the capsule logger. The coinid on either the payload logger or the capsule logger may be nightlyencrypted with a different key to further bolster security.

One could further enhance security by setting all, or many coins to belisted with the same number of bits. This can be readily done by addingas many zero value bits as desired, to any coin.

The important mission of the coin logger is to insure that no fake coinis redeemed, and no coin or part thereto is redeemed more than once.

The rBitMinter

The rBitMinter takes in a BitMint coin and generates a normal moneystatement expressing the value of the BitMint coin. The result, thenormal money statement carries some of the attributes carried by thecoin. Such may be terms of use, ownership, etc. All the coin attributesthat are BitMint unique are not passed on. Before releasing theresultant statement to its recipient, the rBitMinter will change thestatus of the coin in the BitMint coin logger. It will change from a“live” coin to a “dead” coin—with a time stamp.

Large coins in particular are likely to be redeemed in parts. When allthe bits of the coin payload have been redeemed then the coin as a wholeis dead. It can be removed from the coin-logger to a ‘dead coin logger’.A separate list of dead coin and records of when and why may be kept aspart of global financial accounting.

If the coin logger is implemented on a write-once, erase-never media,then every so often the coin logger may be feeding a coin logger writerthat would copy only coins that are not fully dead (fully dead means allpayload bits redeemed), to the new coin logger, and accumulate the deadcoins into the dead coin logger.

Internal Transactions

The internal transactions of the BitMint coins are: (i) hold the coinseparate, (ii) split the coin, (iii) join the coin with another BitMintcoin, and (iv) list several coins together. These transactions arecarried out by the internal BitMint transactional software (BTS).Transactions include manipulation of coins, and keeping a record theretoin the coin logger.

The hold separate is trivial. The BitMint statement is kept in the FIdatabase, as a value indicators with all the attributes thereto. Upondemand the BitMint digital coin will be converted to the standard formatwith transactional attributes and a numeric value.

[TA][MA][payload]→[TA][Numeric Value]

TA—represents transactional attributes, like owner name, referencenumber to a contract or a sale statement, etc.

MA—represents mint attributes, like the mint id, the value function forthe bits in the payload

The payload is a randomized bit strings where each bit has a value asdetermined by the bit value functions in the MA, based solely on theorder of each bit in the randomized string

The numeric value is the sum value of all the bits in the payload.

The recipient entity receives the financial statement ignorant of thefact that it was kept in the transmitting institute in the BitMintlanguage format.

Once the money leaves the financial institute, the mint coin logger isupdated.

Coin Splitting

In a split a coin of value X is split into two coins of values X′ and X″respectively, where: X=X′+X″.

The split is done by identifying m<n bits in the BitMinted coin, suchthat:

Σv(i)=X′ . . . for the m bits of coin X

Σv(i)=X″ . . . for the n-m bits in X

There are many ways (many degrees of freedom) for effecting a split. Thesplit is limited by the resolution expressed by the n values v(1), v(2),. . . v(n).

Thus the BitMint transactional software generates two coins. They aresharing most of the coin attributes of the parent (presplit) coin. Thefirst split (X′) carries the value function v(i) for i running throughthe selected m bits, and the second split (X″) carries the valuefunction v(j) for j running through the remaining n-m bits. The BitMinttransactional software will then update the coin logger to say coin Xhas been abolished (its new status is “dead”) and coins X′ and X″ areentered as live coins into the database.

Coins Joining

The joining of coin of value X comprised of x bits and coin of value Ycomprised of y bits, is carried out as follows:

The attributes of the two coins are examined and combined intointegrated attribute for the joint coin XY, to the extent suchintegration is possible. If it is not possible then the joint action isrejected.

If coin X has condition C_(x) in its terms of use, and coin Y hascondition C_(y) in its term of use, then the joint coin XY will have theunionized condition C_(xy)=C_(x) ∪ X_(y) as its respective condition.

For example, coin X has a condition C_(x) specifying that it can be usedonly to buy food, and for no other purpose, while coin Y has a conditionC_(y) specifying that it cannot be paid before August 1st this year.Then the joint coin will carry the respective condition C_(xy) to saythat the joint coin can be paid only after August 1st, and used only forpurchase of food stuff.

If the two coins to be joined come with conditions that makes the jointcoin nonviable, then the joining action is rejected.

The joint coin XY will be comprised of (x+y) bits, where the x bits fromcoin X will be valued with the v(1), v(2), . . . v(x) value functionsfrom coin X, and the y bits from coin Y will be value with v(1), v(2), .. . v(y) from coin Y.

Alternatively the BitMint transactional software could remap coin XY ofvalue X+Y with some arbitrary number of bits, w, and associated w valuefunction v(1), v(2), . . . v(w), as long as:

X+Y=Σv(i) for i=1,2, . . . w

The joined coins are updated per status as “dead” as the new joint coinis added to the coin logger.

Coin Listing

A financial institute often builds lists of financial values in theformat:

Description Value TAx: what coin X is about $X TAy: what coin Y is about$Y TAz: what coin Z is about $Z sum total. $(X + Y + Z)

TAx, TAy, TAz are the transactional attributes (owner, transactional refnumber, merchandise id, contract id, etc) of coins X, Y, and Zrespectively.

The respective coin listing using BitMint language will be:

Description Value [TAx][MAx][X payload]: $X [TAy][MAy][Y payload]: $Y[TAz][MAz][Z payload]: $Z sum total. $(X + Y + Z)

Or without the payload (the capsule only format):

Description Value [TAx][MAx] $X [TAy][MAy] $Y [TAz][MAz] $Z sum total.$(X + Y + Z)

Once a coin is translated to common language and passed to a receivingfinancial institute, the transmitting FI has to update the coin logger.This can be done in several ways. Two options are herewith described.

-   -   Original Coin Update    -   Add-on Coin Record

The two methods are functionally equivalent.

Original Coin Update

The transmitted coin T is part or a whole of a live coin R logged in thecoin logger. In particular coin T payload is expressed through some tbits, where these t bits are a subset of the r bits comprising coin R.These t bits are each marked “live” in the coin logger. When T istransmitted outside the FI, these t bits are flipped from “live” to“dead”. In a separate place the FI will record that coin T wastransmitted at a given time at a given reason. This event logger though,will not have the money. Namely the payload will not be carried to theevent logger. In the event logger coin T will be written with all itsattributes [TA, and MA], and the t bits will be identifies per theirlocation in R, however the bit identity, {0,1} of these t bits will notbe recorded in the event logger. And so any subsequent logging,accounting management, review etc of past transactions will have all theinformation except the payload, namely except the money.

The coin logger is built as a write-once option, Once a record of acoin, or say an image of a coin is written into the coin logger, it cannot be changed. The default state of any newly written coin is “live”for all its bits. Once a bit is flipped to “Dead” it cannot beunflipped. Thereby insuring the security of the transactions.

Add On Record

The transmitted coin T is part or a whole of a live coin R logged in thecoin logger. In particular coin T payload is expressed through some tbits, where these t bits are a subset of the r bits comprising coin R.These t bits are each marked “live” in the coin logger. In the add-onrecord method, coin T will be added as a record to the coin logger, butits status as marked on its MA (mint attributes) will be “dead coin”.Namely, all the t bits in T are dead.

In this method, when one wishes to find out the current status of coinR, one will not simply look at coin R in the coin logger. One will lookat R and then scan the coin logger all the way up to the present time.In this scanning coin T will be spotted, and the scanner will thenrealize that coin R has t dead bits. If there are more transmitted coinsthat are all parts of coin R, then the sum total of the dead bits willindicate how many, if any, bits from the original r bits are still“live”. This will be the same information as in the record updateoption.

Advantages of Internal Use of the BitMint Financial Language

The two main advantage categories are (i) security and (ii) recordkeeping. The BitMint Financial Language enhances security by elevating afinancial statement from an identity devoid number to an identityaffirmed value. In general a hacker will no longer simply change anumber in a storage location and thereby defraud the financialinstitution, with BitMint Financial Language the hacker will have tofind the expected identity of any coin he would like to falsely write.This will be difficult because the identities of the payload bits isdynamically determined and randomized, and the determination is loggedin a coin logger which is a write-once memory. The coin logger willassure that no double pay will occur, and no fake coin will pass. Theformat of coin description in the BitMint Financial Language is soinclusive that a bunch of BitMint Financial Language written coinscontains a wealth of information. The BitMint Financial Language allowsfor coin tracking by handling the full coin without the payload bits,namely without the money value. A great advantage for ease and securityof financial accounting.

The Cash Register Sub System

The BitMint Financial Language calls for revival of the traditional cashregister, now in a digital form. The cash register (CR) will amount to asubsystem (CRSS) fitted for any entity dealing with money, be it apersonal phone, a wearable computing device, be it a business holdingsome cash, a merchant large and small, and any bank. We extend thenotion of financial institution to cover the notion of an entity dealingwith money.

The basic idea of the cash register is that money is held in one place,through cyber digital coins, which are not duplicated for backup storagein any operational way (some security protocols may be allowed).According to the BitMint Financial Language money can be represented incapsule form—only meta data, and in that form it may be copied, andexposed if so desired. This is distinct from the actual money form,expressed as that capsule filled with the payload. Only the payloadcharged form is the money itself. The full-fledged, payload loadedBitMint digital coins are housed in the ‘cash register’. The cashregister is managed through cash register management program (CRMP). Therole of the CRMP is to provide security to the money inside the cashregister, to communicate with the BitMinter, or as may be referred to“the mint”, especially the coin logger, to insure update consistency.The CRMP will also be responsible to erase the payload for any digitalcoin sent out from the cash register. This is to prevent this coin frombeing double paid by any hacker who somehow managed to penetrate to thecash register. These functions: break-in safety, mint-communication, andpayload erasure are common to most implementation of the cash registersubsystem (the CR itself the house for the money, and the CRMP that runsit). Most of these functional elements appear in a personal phone, theyappear in a store, large or small, and they appear in a full fledgedbank or similar financial institution, at different extents of course,and different emphasis. Communication with the mint may be excluded fromcash registers subsystem on personal phones, and in other cases.

The CRSS is embedded in the embedding system which may be a phone, orstore computer, etc. The CRSS may be ‘hidden”, or it may be a physicaldetachable device. It always includes the money (payload chargedcapsules) and the software that controls communication with the outsideentities. The CRSS always communicates with the embedder system. Thecommunication with the mint may be done by it, or by the embeddersystem.

The CRSS will allow to move of payments to and from the cash register:discrete payment and continuous payment. In a discrete payment a BitMintcoin or a split thereto is passed to or from the cash register. In thecontinuous mode a given coin drains its bit in a continuous stream thatflows in or out of the cash register.

The CRSS may be equipped with activation security. If it is a physicalembodiment then it may be activated via a bio sensor that comparesfinger print or other biometrics to a stored value. The CRSS may storethe money safely encrypted. Encryption of a digital coin is done throughtwo keys. One key for the capsule and one key for the payload. Thecapsule encryption is considered breakable to the extent that theciphertext commits to its generating plaintext. The ciphertext for thepayload is considered unbreakable because the payload is of high entropy(randomized). If both payload and capsule are encrypted with the samekey, then the capsule part may disclose the key and that would apply tofinding the right payload. If two different keys are used then even ifthe capsule is cryptanalyzed, the payload itself remains secure. TheCRSS may use symmetric keys with corresponding CRSS at a differentlocation.

BitMint Financial Language Basic Conversation

We consider two financial institutions A and B. Each of them is usingthe BitMint Financial Language internally, but independently. In thatcases any exchange of financial statements between A and B may be in theBitMint format. When FI B will receive a coin C_(a) from FI A, it willstore it in its database, and build from it a respective BitMint coin,C_(b) of same value, same transactional attributes, but with mintingattributes unique to B, replacing A′ MA. The size of the payload inC_(b) may be quite different from the size of the payload in C_(a).

C_(a)→C_(b)

[TA][MA_(a)][Payload_(a)]→[TA][MA_(b)][Payload_(b)]

The same routine will work for a financial statement flowing in theopposite direction. If the financial statements represent cash then atany time, each of the FIs can submit all the BitMint coins of the otherfor redemption, against, say fiat currency expressed in the common way.

Coin C_(b) may be seen as a claim check against coin C_(a). Thedifference is that FI B is geared to handle and manipulate its owncoins, C_(b) and not coin from another FI using another mint.

This arrangement allows two financial institutions to run theirindependent BitMint mint operation and respect the other.

This exchange protocol can readily be extended to any number f ofparticipating financial institutions, respecting each other BitMintcoins. When a participating FI communicates a financial statement to aFI outside the participating set then it behaves the way described for asingle FI operating the BitMint Financial Language internally.

Communicating money written in the BitMint Financial Language has adistinct advantage with respect to the security of the communication.Since payloads are randomized then when encrypted even with a weakcipher like DES the result in a randomized sequence confronting thecryptanalyst with a problem because so many keys when tried to decryptthe cipher result in randomized plaintext, which leaves the cryptanalystwith terminal equivocation as to the identity of the key that wasactually used. This advantage applies to every instant when a BitMintcoin is communicated through insecure channels.

BitMint Financial Language Growth Paths

We have seen that a single financial institution may adopt the BitMintFinancial Language, while communicating normally (classic modes) withthe rest of the financial system. We further discussed how two FIs, eachpracticing their own version of BitMint Financial Language may smoothlycommunicates with each other. The next step is for two or more FIs toshare a mint, and acknowledge each other BitMint coins. This opens thegate for steady growth as more and more FI's join into the shared mintoperation.

Another growth scenario is through mint-cascade, where BitMint coins areregarded as claim checks for ‘higher up’ coins. This setup offers a verystrong security advantage among others.

Shared BitMint Financial Language

Two or more financial institutions may share a BitMint FinancialLanguage operation. In that case they will share the BitMinter, therBitMinter, the randomizer and the coin logger. The sharing FIs willpass to each other financial coins that each participating institutioncan read, relate to, and verify through their access to the shared coinlogger.

A third FI will readily be added on. It will convert every nominallywritten financial statement to a BitMint digital coin, by invoking themint shared by the previously sharing FIs. This will result writing allthe financial instrument of the added bank in the BitMint FinancialLanguage. Once so, the added on will be able to receive and transmitBitMint digital coins to the previously joined FIs. The integrity ofeach transmitted coin will be verified through the mint.

This way, more and more financial institutions may gradually andpersistently join the participating FIs. Should a participating FI wishto withdraw from this partnership, they will reconvert the financialstatement written in the BitMint Financial Language back to the nominallanguage where the value is simply a number, not a value plus identityany more.

Mint Cascade

Let a high financial authority A₀ issue BitMint coins of type C₀. Thesecoins are issued to p financial authorities of a lower rank A₁₁, A₁₂, .. . A_(1p). The p A₁ class authorities store the issued coins of type C₀in a secure cash register. Then each of the A₁ class authority issuesits own BitMint coin constituted as claim check for money in their cashregister (C₀ coins). When financial authority A_(1i) issues BitMint coinof type C_(1i), they define them as claim checks for the same amount ofmoney in the form of C₀. Since A₁ authorities are trust worthy then therecipients of these C_(1i) coins, accept them as if they were C₀ typecoins, and the community trades with them. The p A₁ type authoritiesalso honor each other's coins.

The situation as described offers a strong security advantage. Whilemints use very sophisticated means to keep the mint, the coin-logger,and the randomizer secure, one must consider the however remotepossibility of a breach. In the above described setup, a breach into asingle A₁ type authority, will at most jeopardize 1/p of the totalBitMint money in circulation. And what's more—the currency itself willnot be affected, because it is kept in the mint that is operated byauthority A₀, which is not in touch with the public. It only facilitatesthe transactions between A₀ and the p A₁ authorities.

This notion of a mint cascade can be extended in several ways. Wediscuss: (i) additional layers, (ii) complex claim checks.

Additional Layers

Referring to the above description, let consider the case where p=1,namely authority A₀ issues BitMint coin C₀ to authority A₁. A₁ in turnissues C₁ BitMint claim check coins for C₀. A₁ then passes C₁ coins toauthority A₂, which again stores these C₁ coins in its cash register,and issues BitMint coins of type C₂ as claim checks for C₁ coins. And soon BitMint coins of type C_(i) are defined as claim checks for coins oftype C_(i−1). Coins of type C_(r) are unleashed to the trading public.In this situation the currency itself is increasingly well protected,the higher the value of r.

It is even more so for p>1. Hackers will have to violate p*r+1 mints inorder to void the original currency C₀. Both the values of p and r arein control of the implementer.

Complex Claim Checks

Complex claim checks will assume many formats. Here we discuss thefollowing: (i) combined redemption, (ii) conditioned redemption.

Combined Redemption

A BitMint coin may be redeemed against a specified quantity of atransactional entity (fiat currency, precious metal, stocks bonds,etc.), or they may be redeemed against some combination of suchtransactional entities. The trade between China and the US will benefitfrom trading with a BitMint-Yuan-Dollar (BYD), which redeems half in USdollar and half in Chinese Yuans, per a the relative value of the dollarversus the yuan at the moment of minting the BYD coin. This coin will beredeemed at the minting ratio between the US dollar and the China'sYuan, reflecting the relative values at the moment of minting. Yet, sucha BYD will be largely immunized against vacillations of value betweenthese two currencies, since as much as one will rise in relative value,so the other will lose.

A complex claim check might be defined as redeemable for a certainamount of gold plus a certain amount of Euros. There are numerouscreative redemption schemes to achieve various wealth stability goals.And every such BitMint coin is tradeable per the permission of the termsof use, written into the coin.

Conditioned Redemption

There is room for great amount of creativity in structuring redemptionof a BitMint coin. The conditions might be economical, political,environmental, personal, etc. A father may pass $50,000 BitMint money tohis son, payable upon presenting a certificate for successfullygraduating from college.

We present here the use of BitMint coins to trade with crypto money withgetting involved with any crypto stuff.

BitMint Trade of Crypto Money

There are numerous ways to accomplish the title goal. Here is one. abroker, B offers the following to the public:

Buy from me bitcoin redemption BitMint coins, investing some amount $X.I will collect all the money so paid me that will amount to a measure$Y=Σ$X, at date t1; at which date I will buy bitcoins at their goingrate at that date, (R US dollars per 1 bitcoin). I will follow theexchange rate 24/7. “If within the next 1 year+1 year) the rateincreases to 2R, I will immediately sell all the Y/R bitcoins I boughtat t1, and distribute to all my players (investors) per theirinvestment. If within a year the price never doubles, I will sell at thethe going price on that day. If the rate will drop more than 20% at anymoment, I will immediately sell all my bitcoins, and divideproportionally the proceeds.” The exercise might cost participants aminimal service fee. The participants will effectively participate inthe bitcoin gamble, but do so through a BitMint coin which is cryptofreed, and yet tradeable to anyone anyplace. The customer of such aservice will run the risk of losing up to 20% of their investment, andgaining up to 100%.

In review: Peer dependent currencies depend on the speed in whichsufficient number of peers can assemble for authentication of atransaction. They also involve a complicated cryptographic protocolwhich can be automated but is not very convenient for many users whowish to pay and get paid in a simpler way. These two issues: speed andcomplexity may be solved through BitMinting these peer-dependent coins.Accordingly one will openly purchase a sum X of the peer-dependentcoins, and then issue BitMint claim checks for whole, or part of X,where these claim checks issued in the BitMint format are traded theBitMint way. Since BitMint trading is very fast and very straightforward (no cryptographic complexity) it allows its holders to tradewith the peer-dependent currency (whether speculative or not) while onlyengaging in simple BitMint trade protocols. This solution will solveboth issues, and provide additional benefits to the trade of thepeer-dependent currency.

Cash Register Development

In the current computerized financial system, money has no ‘location’.It is information that is copied within the financial institution, andfreely accessed by all authorized parts of the FI. The idea of thedigital cash register is that money returns to many of its oldpre-computer attributes, when it was confined to physical coins andphysical banknotes. According to the BitMint Financial Language money isen entity comprising identity and value. While a coin can be copied asmany times as desired, it is not a good practice to do so becausethereby either copy can be used as payment, and the money transferredelsewhere. It would then be a burden on the financial system to realtime update all the holders of the copies of the same coin, to let themknow that this coin is no longer payable. In the old physical money,double payment was not an issue; once a dollar bill was handed over, itwas not there to be paid off again. Following this simplicity andsecurity it is best practice to have as many capsules-only coin copiesas desired, but to have only one copy of the coin itself. Remember thecoin logger is not a repository of coins, it is a database of coinimages and a tracker of one question: is a coin real—not fakes (meaningwas it minted by this mint), and if real then is it “live” or is it“dead’ (is it payable, or already paid). And that question is answeredin a per bit resolution in the basic BitMint Financial Languageimplementation and per fbit in the developed or “complete” BitMintFinancial Language implementation.

Once we agree that the FI will carry only one copy of the money, thequestion arises: where? We discuss some options: (i) central cashregister, (ii) local cash registers.

Central Cash Registers

In this mode, the FI will designate a unit that manages all the money inthe control of the FI. All other parts of the FI will have capsule-onlyrepresentation of the money, and use this representation for their workwith the money. (a capsule only representation is the full data of thecoin, except the payload). Once a sum of money is to be moved from oneaccount to another, then the involved parties will notify the unit thatmanages the central cash register, and request that the mentioned sum ofmoney will be assigned to the receiving account, and will be marked asremoved from the paying account. This cash register management until(CRMU) will verify the bona fide of the money with the coin logger, andnotify the parties that the payment was made.

If payment is required to go outside the FI (FI—financial institution)then, the paying unit in the FI will so notify the CRMU. There are threepossibilities for the type of the receiver of the payment. It may be (i)a receiver, not using the BitMint Financial Language, but rather stillwith the old classic way; It may be (ii) a receiver that is using theBitMint Financial Language but with a different mint, or (iii) it may bea receiver that uses a mint (BitMinter, and rBitMinter) with the payingFI. The CRMU will prepare the payment according to the type of thereceiver. It will use rBitMinter to generate a normal classic paymentstatement in cases (i) and (ii), and it will keep the BitMint coinformat in case (iii).

If payment is received, then if the payment is a FI sharing the mintthen, the coin comes in a BitMint format, otherwise in a standardclassic format.

Passing of BitMint coin between FIs will be done via size preservingsymmetric encryption of the payload, with a cipher that generates highentropy ciphertext. In that case the encryption of the payload will bemathematically secure due to high equivocation since there is a largenumber of keys that decrypts the ciphertext to a high entropy plaintext.

The CRMU will be focused on the integrity of the cash register. Anymoney thief will have to penetrate through the CRMU. Unlike today thatbreaking to a remote location allows a thief to succeed, with centralcash register mode, the money is only capsule-empty represented in theremote locations. The money itself is concentrated in the centralregister.

Local Cash Registers

In this mode, one returns to the old ways where local banks had vaultswith money of their local customers kept inside. Here again localchapters will hold a cash register and house the money of theircustomers. So instead of a central cash register, there will bedistributed cash registers. Money can be moved between two account whereboth are covered by the local cash register, and in that case the localcash register unit (LCRU) will mark this fact. Money can also be movedfrom one local cash register to another. This will take place with moneyin the BitMint format, with internal symmetric encryption which asdiscussed above is secure because the payload is encrypted with a sizepreserving symmetric encryption that generates high entropy ciphertext(and is fed by high entropy plaintext). If a payment has to be made toor from another FI then it is done in the way discussed with centralcash registers.

The local cash register unit may mark its coin as controlled by itself,so that this LCRU is the only authority that can submit these coins forpayments, and instruct the mint to update the coin logger accordingly.

Local cash registers have an advantage for cases where the globalcommunication is interrupted. A local branch holding a cash registerwill be able to handle the money under its control even when allcommunications with other parts of the FI, including headquarters arejeopardized. The local money can be activated through a generatorsourced power for the branch computers, and so the local population, thebranch's account holders, can be served, in dire times of naturaldisaster, or some man made malaise or some unfortunate error. Somesecurity strategies call for network disconnect in cases of a severe andsuccessful attack, such disconnect will still enable banking serviceseach bank's chapter to its local community.

Seamless Money Transfer Account to Personal Device

One of the important advantages of the BitMint Financial Language is theability to effect smooth and seamless transfer of money from an accountholder to the holder's personal device—back and forth. That is becausethe money in the account is kept a full fledged BitMint coin, residingeither in the LCRU or in the central CRMU. The owner will instruct theFI to move their cash to and from the phone or iPad, etc. Like in theold days the customer will load his phone with ready money for ordinaryexpenses, and restock his phone when they are running low. And when thecustomer receives a large BitMint coin to his phone, he can pass it onto his account. The money in the phone is more ready for payment, but ifthe money is not pre-secured to its owner as the only allowed redeemer,then this money will be lost if the phone is stolen, and the thievesrushes to redeem the money inside; similar to the risk associated with arisk full of cash.

Security Prospects

The BitMint Financial Language offers important security prospects, allhinged on the idea of reclaiming identity to the money expression. Thecash register can be embodied in a detachable unit which may be pluggedout during periods of low vigilance. The number of people trusted tooperate the cash register may be limited. Most of the bank executiveswill order money transfer through their capsule-only expression of moneystatement, but the money transfer itself will happen, later on, afterhaving been validated by the cash register control operation. The highquality randomization, and the freedom to use as many payload bits asone desires are the fundamental attributes that enhance the long termsecurity prospects of the BitMint Financial Language.

Unleashed BitMint Coins

So far the BitMint Financial Language was used either internally withina financial institution, or in a conversation between two FIs, or in ashared mint environment. We now address the option for a financialinstitution to unleash BitMint coins onto a trading public where suchcoins are transacted within the trading public, while this public is notpart of the FI, and may not be known to the financial institution thatmints these coins. This will be similar to issued coins and banknotesthat are traded within the public and the trade is not followed, notmonitored not known to the minting FI.

Such unleashing of coins is done through maintaining control over thecoin release operation, and maintaining control over the coin redemptionoperation. We have then the minting FI, called the “mint”, we have theoriginal trader to whom the FI issues the coin, “the first coin trader”or the issued trader, and we have the trader that returns the BitMintcoin to the mint asking for its equivalent in some other currency, mostlikely in fiat currency. This is the “last coin trader” or the“redeemer” of the coin. Between the first trader and the last traderthere are the in between traders through which the coin passed from theissued trader to the redeemer. One remembers that BitMint coin allow forsplitting by their payor up to the assigned resolution. So an issuedcoin C will be split to C₁ and C₂ such that C₁+C₂=C, each split willpossibly be split again, and so forth. Eventually all those splits willbe submitted independently for redemption.

When a coin is issued to the first trader, its image is added to thecoin image database. When a coin is redeemed, in part then the bits ofthe payload of the issued coins that comprise the payload of theredeemed split, are all set into “dead” or “paid” status to avoid doublepayment.

Since the mint is blind as to the ongoings with the coin and its splitsas they flow through the public of traders, there must be some way toinsure integrity and reliability of this trade between the issuance andthe redemption. Here are some:

1. coin refreshment. 2. payor's public credibility grading 3. insurance4. blockchain 5. hard wallet trade

By unleashing BitMint coins to the trading public the financialinstitute is ‘risking’ the situation that unknown characters are holdingthe money and using it in business. Having the public use one's money isof great advantage, and therefore many businesses and merchants will optfor it. We note the in this context the term financial institutionrefers not only to banks but also to merchants. The here proposedsolution is a good balance between control and freedom. The control ishinged on the two terminal points: the issuance of the BitMint coin tothe first user, and the redemption of the BitMint coin from the coinredeemer. What happens in between may be unknown to the mint or toanyone. The mint will be careful to redeem coins only in strictcompliance with the coin-written terms of redemption. Such terms mayindicate who can redeem a coin, what is the time frame allocated forcoin redemption, and on any ‘good to redeem’ signatures from designatedparties. So for example the BitMint coin can be used for escrowservices. The buyer will pass the coin to the seller. The seller willverify with the mint that the coin is valid and ready to be redeemed,but it needs an ‘ok to redeem’ signature signed by the buyer. Such OKwill be given when the paid merchandise arrives well at the buyerspremises. In case the buyer refuses to give the OK the coin stays nonredeemed by anyone, until the buyer and seller resolve theirdifferences, or a court issues a resolving order.

Coin Refreshment

A payee receiving a BitMint coin X, can instantly request the mint torefresh it, namely to take coin X and issue a new coin Y, such that$X=$Y, but with a fresh, unused payload. Coin X will be marked asredeemed so that the payor cannot use their awareness of the payloadidentity of X to redeem it again.

When the refresher trader (the payee) request a refreshment, they canidentify who they are, or perhaps they don't. All they need is atemporary secure channel with the mint, where X goes from the refresherto the mint, and Y goes from the mint to the refresher. If the refresheris registered with the mint, then they can share a symmetric key and useit to safely encrypt the payload of both X and Y.

The fact that the necessary security is temporary is critical. It willallow the use of means that are not susceptible to mathematicalcryptanalysis, like Diffie Hellman and RSA. Such alternative means areexemplified by U.S. Pat. No. 10,798,065.

Refreshment works equally for the full original coin or for any splitthereto.

Payor's Public Credibility Grading

Payor's may earn a trust grade, TG, and use this TG to convince thepayee that the coin transferred to them is bona fide. We discuss (i) howto achieve a trust grade, (ii) how to use a TG to convince a payee.

Achieving a Trust Grade

We discuss the following options: (i) using a trust broker, (ii) publicleverage.

Trust can be secured over a firm identity, which may reflect aparticular human being or reflect a trusted cryptographic entity whichmay hide the human person behind it. The payee does not intrinsicallycare who the payor is, they only care that the passed along BitMint coinis bona fide. Not a fake and not a double payment.

We discuss cryptographic identity versus human identity

Cryptographic Identity Versus Human Identity

Human identity appears solid because it may be ascertained throughpractically infinite data points, and because we humans have the builtin ability to recognize other human beings. So if Alice knows Bob, shecan ascertain if a fellow X claiming to be Bob is telling the truth.Human parameters are measured then reported over a trusted document(e.g. passport) that allows Carla who does not know Bob to determinethat X is Bob, based on the trusted document X is showing her. Let aTrust Broker issue such documents that reflect human identities, and doso for a large public, then the trust claimed by the Trust Broker isextended to the claimant who uses a Trust Broker issued document toclaim his or her identity.

Cryptographic identity is based on a bit string of much smallerinformation content then a full human being. Alice and Bob can share anidentity verifying string AB, and use it vis a vis each other to provetheir identity to the other. There are well known cryptographic means toexchange AB without exposing it on an insecure channel. However, thisworks only for two parties that know each other beforehand.

The advent of public/private keys cryptographies allowed cryptography toextend its power for strangers. Alice will publish her public keyA_(pub), and when she approaches Bob she passes him a message: M=“I amAlice and I wish to transact with you in this particular way.” Then sheencrypts M into a ciphertext C, using her private key, A_(pri): C=Enc(M,A_(pri)), and passed C to Bob. Bob decrypts C with the published publickey of Alice and extract M′=Dec(C, A_(pub)). If M=M′ Bob concludes thathe was approached by Alice, since it is assumed that only Alice hasknowledge of the matching private key, A_(pri) to Alice;'s public key,A_(pub). This way Alice and Bob, strangers as they may be establishtrust of identity.

Like other methods, this method to establish identity is fraught withrisk, much of it is well known. New methods to neutralize some of thesedeficiencies are known (U.S. Pat. No. 10,798,065).

Alice can build a measure of trust to herself based on the public key,A_(pub) that she can use as above. If for any reason the holder ofA_(pub) is associated with a high level of trust, then the payee willnot be too interested in the identity behind A_(pub), and be satisfiedthat whoever that person or entity is—it, he ,or she are trustworthy.

Using a Trust Broker

A Trust Broker, TB, will make a business charging members of the public,to investigate them to such a level that the TB can issue a statement oftrust in the inspected individual. The TB will be able to sign thisstatement with his private key (TB_(pri)), such that any payee will beable to read this trust statement using the Trust Broker public key(TB_(pub)).

The statement of the trust broker may specify a name of an individual,say Alice, or it may specify a public key of an individual, say Bob(Bob_(pub)). In the former case the payee will have to ascertain thatthe payor is Alice by any means that satisfy the payee. In the lattercase the payee will ask the payor to encrypt something in a way thatwill allow the payee to decrypt it using the public key identified bythe signed statement of the trust broker. In our example above the payeemay give Bob a random statement r, for Bob to encrypt using B_(pri),resulting in s=Enc(r, Bob_(pri)), and the payee will then decrypt s tor′: r′=Dec(s, Bob_(pub)) and if r=r′ then the payee is satisfied thatBob is the payor and because of the statement of the trust broker thatthe payor is trustworthy—even though the payee is clueless as to thehuman identity of Bob.

This scheme has its risk, some of these risks can be mitigated by (i)punishing individuals that behave dishonestly—not issuing to them anymore trust grade, and (ii) limiting the time validity of trust gradestatements, so that individuals have to come time and again to the TrustBroker, prove their clean slate and request a renewed trust statement.

Public Leverage

Blockchain technology opened a range of applications where a network ofpeers brings to bear community credibility. Any of such applications maybe used for payee to check on some public ledger that the payor, (whoproves their identity with public/private key or some other bona fidemethod), is a source of high repute so that there is little risk isaccepting a digital coin from that source. Such trusted payor mayachieve its trust in a formal trust building network, or it can assumesuch trust based on informal reputation. For example, if a high-reputedlarge chain store is paying one a digital coin, it may be assumed bonafide, on thought that this chain store will not risk its hard earnedreputation on cheating for some minuscule amount of money.

Using a Trust Grade to Convince a Payee

To convince the payee, the payor must (i) convince the payee that theclaimed trust grade is genuine, and (ii) convince the payee that thatthe payor is who they claim to be. The standard way to prove both partsis with an application of the public/private key algorithm. Thisextensively used tool is at risk of collapse on account of quantumcomputers and better math. Alternatives rely on human biometrics thatcan work on both parts of the convincing. This can be done by the payorshowing biometric evidence to the payee and the trust grade originatorpublishing trust grade relative biometric data of the payor. Instead ofdirect biometric, one can resort to the Derived Trust Method

The Derived Trust Method

In this method a trusted trust broker, TB, will inspect a trust customerper their identity, and satisfy itself of this claimed identity, X. Thenthe TB will issue to X a trusted code TB_(x), to show to payees. Thepayee will trust the TB_(x), as it was issued by the trustedtrust-broker, TB, and accept the digital payment without having anyinformation as to the identity of the payor X. The TB keeps the linkbetween the identity of X and TB_(x) secret.

To increase its privacy customer X will approach a second trust broker,TB′, submit TB_(x) and request to be issued a trust tag TB′_(x) forthemselves. The use will be the same. Payor X will submit TB′x to thepayee, and the payee will accept the money on the trust claimed by TB′.This process can be repeated. Customer X may approach a third trustbroker TB″, submit TB′_(x) and request a matching TB″_(x). And so on.

By so doing customer X will increase the confidence of his privacy. Byusing TB″_(x) to make payments, any hacker will have to violate thesecurity TB″ and the security of TB′ and then the security of TB inorder to dig out the identity of X. Also no employee of any of thesetrust brokers will have enough information to reveal the identity of X.Trust broker TB″ will trust the trust tag that was issued by TB′(TB′_(x)), and simply establish a secret link between TB′_(x) andTB″_(x), and so for TB′ versus TB. The trust brokers make money bycharging their customers, and customers will decide how many securitylayers they wish to use. All the trust brokers are government faithful,and will abide by a court order to reveal their link. Hence, if thegovernment suspects foul play or has any reasonable evidence to convincea judge, then it will be granted a permit to unveil the identity of thesuspect. They will do so sequentially starting with the trust brokerthat issued the security or privacy tag used by the suspect, find whatprivacy tag the suspect used as input and proceed there until they flashout the human identity of X. This is a fair balance between ordinaryprivacy and the need of the government to curtail crime.

The submission of a privacy tag TB_(x) may be direct, may be viaprivate/public key solution, or via a card with a dialogue for security(like EMV), as the case may be.

Insurance

Payors may seek to buy insurance and then present their insurance cardto the payee. The payee upon verification of the boba fide of theinsurance card will accept the payment knowing that if it turns out tobe a counterfeit or a double payment then the insurer of the payor willfoot the bill. The insurer might request a deposit sum for the insurancecertificate, or ascertain other attributes. The insurer may limit aninsurance certificate to a certain sum and to a certain time frame. Heretoo the insurance certificate (card) may be submitted directly or usingpublic/private solutions, or any newer methods. The certificate may belimited in time and in sum. Alternatively the payee may real timecontact the insurer to get a guarantee to pay, if anything is wrong. Itmight be easier for the payee to reach out to the insurer then to themint to validate the coin,

Blockchain

Using block chain technology payment of BitMint coin may be managed,relying on the same algorithms that underlie the very common cryptocurrencies. Unlike most crypto currencies, the BitMint coins exchangedand validated through blockchain will have a guaranteed redemption rate.When they are submitted for redemption then in agreements of the termswritten to each coin, the mint will honor its minted money. Here theblock chain solution will also be one option for quick trade. If themathematics on block chain fails, this transaction avenue will beclosed, but the currency itself will not be affected. In many cryptocurrencies the collapse of blockchain math spells the collapse of thecurrency as a whole.

The idea behind blockchain may also be implemented in less elaborateways. The principles involved are (i) private public key cryptography,(ii) layered security, and (iii) majority trust. The layered security isthe idea that a statement S₀ may be signed by its issuer node “0” andthe signature s₀ is put adjacent to S₀. Comes now node 1, add astatement S₁, adds it to the combined S₀s₀ statements, to yield S₀s₀S₁,and then signs the entire concatenated string as signature s₁, which isconcatenated to the signed string. Then node 2 does the same pattern,adds a statement S₂, then signs everything before it plus S₂, and thesignature s₂ is added to the growing string. By so repeating thevalidity of statement S_(i) is supported by all the signature s_(j) forj>i.

The idea of majority trust is based on the notion that ‘truth is whatthe majority claims truth to be’, or say, the notion that no minority ofnodes can possibly assume control of the network. The thought is thatcriminals and cheaters are a few, the majority is decent and honest.There are several mechanisms by which any disagreement between twostatements X and Y is resolved by comparing the number N_(x) nodes thatsupport, sign of, on statement X, to the number N_(y) network nodes thatsupport, sign off, on statement Y. If N_(x)>N_(y) then statement Xprevails—is considered ‘truth’.

These ideas can be applied to a chain of payment by building a publicledger. If the network is small the ledger can be seen by all, and guidethe transactions. The network might allow a ledger manager to be incharge of keeping it up todate, Every transaction will have to bereported to the manager. Using the BitMint format the mint is thenatural manager of the ledger. It is important to note that the ledgermanager and the reading public may not know who holds the money, becausethe ledger only identifies the identity of transacted coin (or splitthereto), not what is the value of this coin, and also the owner of themoney may use a privacy protecting tag issued by a trust broker. If thenetwork is large and no ledger manager is trusted then a solution may bebased on the idea that a payee is interested in the network knowing thatthe transacted coin is now in his possession, and wishes the publicledger to reflect it. Therefore the payee wallet will send thistransaction data (with all the signatures of payor and payee to validateit) to as many peers as the wallet can find. In addition the networkoffers rewards to nodes that assemble as many transactions as they canfind, sign them with a signature that also satisfies a ‘hardness test’designed to make it difficult and costly to find a compliant signature.If a node expends all this effort to sign a collection of transactions,but another nods found more transactions, then the other node signatureis accepted as the update of the public ledger. This means that nodesthat try to assemble a block of transactions have a serious interest tocatch all the transactions that occurred since the last block was addedto the public ledger. By combing the interests of the payee and theinterests of the block preparer—the system operates with a fullcomprehensive public ledger that faithfully reflect the state oftransactions.

As far as the mint is concerned, its interests are focused on theredemption request only, to verify that it is bona fide according to allthe terms of redemption written into the BitMint coin.

Hard Wallet Trade

By storing money in a trusted hard wallet, the payee will trust themoney that is being issued from this wallet. And if the recipient of themoney is also a hard wallet then it too can pay the money furtherclaiming the same trust. And on it goes from one hard wallet to thenext, money flows within the trading community, until at some point theBitMint digital coins are redeemed at the mint. The key is the publictrust in the hard wallet. One technology that offers such trust isexpressed in U.S. Pat. No. 11,062,279.

Applications: Applications of unleashed coins are very numerous from theblue sky global currency down to national fiat currencies, further downto local government currencies, store currencies, and special purposecurrency. And what's more, they can be related and defined one off theother.

Advanced BitMint Financial Language

In the basic BitMint Financial Language the meta data (the mintattributes) provide value function that determines the value of each bitin the payload bit string, such that the value of the coin is the sum ofthe values associated with all the bits of the payload. We now evolvethis basic format to replace the single bit with an entity to be calleda ‘financial bit’ or fbit for short.

The fbit is a bit string comprised of an fbit payload (fbit_(payload))and fbit meta data (fbit_(meta)) that includes fbit value function(fbit_(valuefunction)=fbit_(vf)). Each fbit has internal value fbit_(iv)computed by applying the fbit_(vf) to the bits on the fbit payload. Thecoin will include value function used to compute the value of each fbitin the coin as a function of the coin value function Fv, and theinternal value of the fbit (fbit_(iv)). The coin Fv will indicate theway to calculate the value of each fbit in the coin, then summarizingthe values over all the fbits in the coin payload.

[Coin Value]=C _(v) =Σfbit_(v)(i) . . . for i=1 to n, for the n fbits inthe coin.

A coin that is based on fbits will be comprised only of fbits not onplain bits.

We can say that:

fbit_(v) =Fv(fbit_(iv))

where:

fbit_(iv) =Σv(i) . . . for i=1,2, . . . f, for the f bits in the payloadof the fbit,

and where the value v(i) of bit i in the fbit payload is determined byfbit_(vf) that determines the value of each of the f bits in the fbits.

The identities of the fbit are randomized. This randomization keeps theconcept of identity fused with value through the evolution of theBitMint coin from the simple bit based coin, to the more developed fbitbased coin. The evolved format gives a great measure of versatility andflexibility as well as a means to reflect anything financial ascomplicated as it may be. The eventual value of a coin depends here onthe coin value function in the mint attributes meta data as well as onthe various fbit value functions in each fbit.

Illustration: fbit1 in a coin is comprised of a payload of 10 bits1001100011, and the fbit value function says that each fbit payload bitis worth $1.00. The internal value of fbit1 will be $10.00. The valuefunction in the coin that contains fbit1, says that the value of eachfbit is 3 times it internal value, so the value of fbit1 will be $30.00.The same coin also has a second fbit: fbit2. Its payload is comprised of12 bits: 001001101001 The value function in fbit2 says that each bit inthe fbit payload has a value of $2.00 if redeemed by July 1st, and avalue of $2.20 if redeemed after July 1st. If the coin is redeemed June28, then the internal value of fbit2 is: $2.00*12=$24.00, and the valueof fbit2 is fbit2 _(v)=24*3=$72. If the coin is comprised only of fbit1and fbit2 then the total coin value is:

[coin value]=C _(v) =fbit1_(v) +fbit2_(v)=$30.00+$72.00=$102.00

If redeemed before July 1st. The fbit based BitMint coin may be furtherevolved. Much as the fbit is an evolution of the plain bit, so a fullBitMint digital coin is the evolution of the fbit. In other words thefbit can be replaced with a so called fbit coin (fbit_(coin)). In thatcase the coin value function Fv, will determine the value of thefbit-coin (fbit-coin_(v)) based on the value of the fbit coin. So thevalue of the fbit coin will replace the internal value of the fbit.

A coin may be a comprised of a series of fbits and fbit-coins.

Illustration: a certain coin X is comprised as follows:

[coin X]=[meta data(TA, MA)][coin payload]

[coinX payload]=fbit1−fbitcoin1−fbit2

fbit1 has an fbit payload comprising 6 bits: 001110, with fbit_(vf) thatsays that each bit in the fbit payload is worth $3.00

fbit2 has an fbit payload comprising 9 bits: 011010111, with fbit_(vf)that says that each bit in the fbit payload is worth $1.00

the fbitcoin1 is evaluated to be worth $50.00.

The value function of the coin treats the fibits and the coins aseffective fbits (efbits), and says that effective bit i (for i=1,2,3) iswith 2i*efbit_(iv) dollars.

Accordingly fbit1 internal value, fbit1 _(iv)=$3.00*6=$18.00, fbitcoin1is worth $50, fbit2 internal value, fbit2 _(iv)=$1.00*9=$9.00, andhence:

[the value of coin X]=X _(v)=Σ2i*efbit_(iv)=2*18+2*2*50+2*3*9=$290.00

Each fbit-coin can be any BitMint coin, and hence it can also be basedon fbit and effective fbits namely the fbit coin may be comprised of oneor more BitMint coins that are internal to the fbit-coin. This willfurther apply to the fbit coins inside the fbits coins, and repeatitself as many times as desired resulting in a cascade of financialexpressions that summarize to the value of a the summary coin.

This cascade allows for distribution of conditions to compute theredeeming value of any BitMint financial instrument at any specifiedtime. These conditions may be put in very internal coins and fbits up tothe top layer in the outer coin. The wealth of these redeemingconditions allows the BitMint Financial Language to be rich enough toexpress cash, credit, debit, promises to pay, investment instrumentssimple and complex. All will fit into the framework of the evolvedBitMint Financial Language.

The value of a coin is determined by its meta data valuation functionVf, and the internal values of the constituent fbits. If one or morefbits are BitMint coin themselves, then the coin value is regarded asthe internal value of the coin functioning as an fbit in a larger coin.And if the smaller coin is comprised of fbits where one ore more of themis a coin then the cascade goes a level deeper. The value function ofeach coin relates to the internal value of each fbit, and does notpenetrate into how this internal fbit value was arrived at. This createsa layered cascade where all the terms that are written into the lower(smaller) coins and fbits are factoring in the determination of theouter coin.

We show the simple case where a coin C₀ is comprised of a singe fbitwhich is in fact coin C₁. Coin₁ is comprised also of one fbit whichhappens to be a full fledged BitMint coin, C₂, and so each subsequentcoin is comprised only of one fbit which is a lower coin. This defines aseries of coins C₀, C₁, , , , , C_(p). Each of the p coin is associatedwith its own value function, resulting in Vf₀, Vf₁, . . . Vf_(p).

The value of C₀, written as C_(0v) will be expressed as:

C _(0v) =Vf ₀(C _(1v))

or say:

C _(0v) =Vf ₀(Vf ₁(C _(2v))=Vf ₀(Vf ₁(Vf ₂( . . . Vf _(pv)(C _(pv))) . .. )

All the values function of all the specified coins were involved. Eachof the p value functions is independent and can range into any logicalexpression. A value function can be defined as the opposite sign of theinternal coin value, or can be defined as a fixed value regardless ofthe internal coin value. Of course the idea is to assign the valuefunctions so as to express a complex situation in a form faithful to thedesigned and desired complexity.

And combination of logical conditions can be used to determine theredeeming value of a coin. This expands the BitMint Financial Languageto all sorts of financial instruments and conditional promises to pay.

The Advantage and Technology of Identity Bearing Digital Coins AnElaborative Discussion of the Specified Invention

A payee who received $10 from one account, then another $10 from anotheraccount will count $20 in his account, but will not be able todistinguish which dollars came from which account. That is because thetransfer was done through a number ($10) that has no identity. Not sowith bitcoins—each bitcoin has its own identity. And there lies afundamental difference, as discussed below.

Instead of crypto currencies we propose a mathematical structuredesigned to optimally represent any splittable accountable media (SAM)which is what money is. And since we may wish to divide moneyindefinitely, we further designed a digital representation to capture aSplittable Accountable Media—Infinitely Divisible (SAM-ID).

To achieve this optimal representation we propose a new financialalphabet and a new financial language to go along with it. This is theBitMint alphabet and the BitMint language. Because of their optimality,their advantage will be felt over anything financial large or small,cash or credit, simple, or complex, safe or risky, for spending and forsaving, for paying debt or for prospective investment. The mere changeof alphabet from Roman notation (i, ii, iii, . . . ) to Arabic notation(0,1,2,3 . . . ) has steam rolled the economies of yore. We expect astrong impact from adaptation of the BitMint financial alphabet and theBitMint financial language. The central features of the BitMintfinancial alphabet and the BitMint financial language are:

1. collapsing the chain of trust into a highly secured,breach-recoverable point of trust.

2. replacing the identity-less value number in a digital coin with anidentity-bearing value number

Together these two ideas will effectively dampen fraud, and empower theeconomy.

Collapsing the Chain of Trust to a Singular Center

Legacy Digital coins (bank accounts) are paid on the foundation of achain of trust that spreads through the correspondent banks. This opensup a large front through which attackers aim at the system. The largerthe front, the greater the challenge for the defenders. It is thereforeof great strategic advantage to collapse this large digital front to awell-protected center.

The BitMint strategy is doing exactly that. The principle is simple. Allthe data needed to prevent fraud is organized in one central location,the payment database (PDB) alternatively regarded as the Digital CashRegister. When a transaction happens then a payee communicates with thecash register management unit, CRMU, which authenticates thetransaction, and updates the cash register to reflect this event. Aslong as the cash register is kept safe, fraud will be kept at bay. Thisassumes of course that there are no errors sipping in, and theidentities of the communicating parties, and their communication is keptsafe and uninfected by fraud or error. While this assumption can bechallenged, the principle is of great importance. To the extent that thecash register is kept clean and un-invaded, and to the extent that thepayment apparatus insures that parties' identities are verified andcommunication with them is not compromised, and to the extent that cashregister includes all the relevant payment information in a readilyaccessible form, then no fraud will occur.

For this method to be effective it is necessary to identify what isbehind the term ‘all relevant information needed to defeat fraud’. Onits face, this should include all the information that is now kept inthe full chain of payment custody. Two issues loom: (i) overload ofdata, and (ii) risk of single point failure.

These two issues are handled through (i) categorization of risk, and(ii) single point failure countermeasures.

Categorization of Risk: When it comes to money we can distinguishbetween two distinct risk categories: foundational risk and operationalrisk. Foundational risk is to the viability of the currency per se,Operational risk is possibility of theft and false claim of ownership.Both risks need to be properly met, but the responsibilities can bedivided.

Foundational Monetary disk; Unlike gold or other manifestations ofphysical money, digital money has absolutely no value per se. It's acloud floating in cyber space. And as such it may disappear in any briefinstance. This risk is universal for all digital money of any form orfashion. The way to meet this risk is through mooring—tying the digitalcurrency to a physical media for which the likelihood of suddendisappearance is negligible, and so is the likelihood for suddendiscovery of large quantities thereof.

Bitcoin, for instance, is not moored to anything, it trades withinitself, it generates by traders' consensus, and it commands valuebecause traders are willing to accept this currency when payment isowed. But this trust extended by traders is backed by nothing beyond thede facto reality of wide spread consensus. Humans are whimsical, andanything popular today may be unpopular tomorrow. If bitcoin tradersfind a better sort of money they will abandon the bitcoin, which maycollapse to a total zero—because it is moored to nothing.

The digital dollar of today is well moored to the wealth of the UnitedStates as represented by the Federal Reserve which was established bythe people's representatives, and the people own this country. So whilethe digital dollar today is not as clearly moored as yesterday'sbanknote which was moored to gold, it suffers from no risk of overnightannihilation as bitcoin and it ilk does. History recorded quite a fewcases where national currencies collapsed. In between the wars inGermany people would push wheelbarrows full of worthless marks to buy aloaf of bread. But Germany, and all other failed currency situationsclimbed back up because a national currency reflects national wealth.

So BitMint money is established as a digital entity that is moored to aphysical media. In the national arena, the mooring will be done towardsfiat currency that represents the wealth of the nation. And inparticular BitMint money will regarded as claim check for the underlyingfiat currency.

There will be a mint connected to a bank. The mint will generate BitMintmoney bills, and release them to the trading public against a par valueof national currency, or against a payment in kind judged to be worththe value of the passed digital coin. This strict exchange does applyonly when the mint and the bank are organs of the central bank. If themint and the bank are other than the central bank then the BitMintdigital coins are forwarded against a strict pay of the nominal value ofthe digital coin.

The mint will then collect all the data necessary to be able to operateas a redeemer of BitMint digital coins. Anyone approaching the mint,handing over a bona fide digital coin will be owed by the mint a parvalue of fiat currency.

The requirement of the mint are to keep the integrity of the system intact. Namely insure that every coin submitted for redemption will be: acoin that was actually generated by the mint and given to the originalbuying trader, and a coin that has not been paid out before.

If the mint is able to insure the above, then it will meet thefoundational threat. Counterfeiters and double spenders will not go veryfar, will be flushed out.

What the mint in this base mode will not do is insure that the redeemerof a coin is the rightful owner thereto. A thief will be able to redeema BitMint digital coin much as a proper owner. This works like cashtoday. When a depositor puts cash on the table he gets a par creditstatement into his bank account, without the bank verifying that themoney belongs to the depositor. Lately a few new regulations modify thissituation which was prevailing for hundreds of years. Large amounts ofcash holders are increasingly asked to keep track of their money, and soare digital money holders.

This simple formula: issuing digital coins and redeeming them—allthrough a central authority, allows for active trade in these digitalcoins to flourish. Digital coins will be passed around betweenstrangers. Payees will simply check with the mint if the paid coinqualifies for redemption. If it does they may actually do so, eitheragainst the par value of fiat currency or against another digital coin,of the same value. The freshly minted coin, if communicated securely tothe trader, will be of much lower risk to be stolen and redeemed byothers.

What has just been described is a bank-less trade. The chain of trustprovided by traditional payment authentication procedures has here beencollapsed to a singular authority—the mint. As long as traders haveready access to the mint, they can trade with complete strangers forwhom they have zero trust. In fact even if a payee suspects that thepayer stole the money he pays with, it would be no problem. The payeewill redeem the money with the mint (or exchange it with another digitalcoin), and then rely on the finality of the exchange and the policy ofthe mint to redeem any valid coin that has not been redeemed before, nomatter who the redeemer is.

This trade between strangers works for small and large transactions. Itrelies solely on the trust extended to the mint. To cement this trustthe mint must safely deposit all the fiat currency it is being paid bythe buyers of the digital currency, so that even if all digital currencyare submitted for redemption at the very same time—there will be enoughfunds to honor each and every digital coin.

So this simple arrangements—digital coins as claim checks—voids the needfor institutions that ruled over finance for centuries: the bank. Everyenterprising group of individuals could form a de facto bank, designedto build up the credit market—investing in people and ideas that willrip profit to be shared between the entrepreneur and her investor. Oncethe element of trust is not hinged on the corresponding banks, they willface fierce competition from enterprises who develop better methods tospot good credits. This is massive democratization of finance.

Operationally this configuration dramatically reduces the vast amount oftrade information held today within the corresponding banks. We recallthat every payment today must be traced for its source as a payment tothe current payer, and this prior payer will have to be able to provethat the money, the digital coin, was paid to him from a yet earlierpayor, all the way to the central bank. To avoid this cumbersome totalbacktracking the banks build themselves as castles of trust. Thesecastles line up as a chain of trust, with all the evolving transactionalinformation always ready for examination. In a sharp contrast in thissingular point mint, we have a payment database (a digital cashregister) that is so much simpler. It simply lists all the minted coins,and marks each coin as already redeemed, or not yet redeemed. No otherinformation is needed. The long wake of transactional records is nolonger needed for payment to flourish.

When a BitMint coin is submitted for redemption by any redeemer, themint simply checks if this coin has actually been minted by it, and ifso whether it has already been paid out. It will redeem the coin only ifit is a coin it actually issued and has not yet redeemed. The mint willreject the redeemer otherwise.

We will discuss further, other than this basic mode, where the mint willcarry some more information, but in this basic mode, minimalinformation, standard database technology will be sufficient todismantle the current financial structure based on an elaborate chain oftrust (castles of trust): financial institutions that positionthemselves as the necessary intermediary between any strangers wishingto exchange money and merchandise.

To exercise this solution it is necessary to write the digital coin suchthat they can be recognized as minted by the mint. We now address thischallenge.

Recognizing Minted Digital Coins: We start with the traditional digitalcoin—account based. It is comprised of meta data and a value number thatidentifies how much this account (coin) is worth. The mint will be ableto store this account meta data plus value number, and when this coin(account) are submitted for redemption the mint will recognize it asminted by it. The meta data might include time stamp, account number,etc. to make it easier for the mint to recognize the coin.

The BitMint idea is to write digital coins in a different language wherethe singular clearing house based only coin data is very much feasible.

Single Point Failure Countermeasures: Countermeasures are categorized asfollows: 1. Deterrence 2. Walls 3. Off-Line Recovery 4. RedemptionHierarchy

Deterrence is accomplished by law, rigorously applied. Regardingattempts to compromise the mint as a major national crime.

Walls is a term that covers all the standard measures taken by serversand databases to protect against hacking,

Off-line recovery is the idea of keeping a very frequent off-line copyof the live mint database. Should a compromise be detected, the systemcould be restored to the state of the last backup. BitMint money in itsmost secure form has the off-line data off-digital realm, totallyunhackable (using the Rock of Randomness Technology).

Redemption Hierarchy is the idea of the mint passing reduced informationcopy of the mint data base (RI-Mint-copy, RIM or RIMCO) to an assignedredemption authentication center (RAC). The RIMCO is designed to besufficient to authenticate a coin submitted for redemption, but notsufficient to defraud the mint with its data. A RAC may apply thistechnique iteratively by providing a further reduced mint copy to anassigned redemption authentication center (RAC) . This process continuesiteratively. Redeemer engage the low level RACs and even if theycompromise them, they don't have enough information to redeem their coinin the higher RAC. Eventually all the RAC report back to the mint for afinal authentication.

Identity Bearing Money Technology

We have concluded that the current language for digital coins isinherently vulnerable to errors and fraud, and it presents an undueburden on the need to keep track of money flow. If we keep the currentlanguage, we will remain locked to the prevailing mode of keeping moneyand transactions with good integrity—a mode that is based on chain oftrust which is both hard to maintain and is vulnerable to abuse—since achain is as strong as its weakest link.

It is therefore a critical objective to devise a new language to expressa digital coin. Such language is presented through BitMint.

The root of the BitMint language is the realization that the heart ofthe digital coin—the bits that represent the value of the coin—is anidentity-less entity.

The BitMint accounting language (or BitMint money language) denieshackers this easy path. How? By making the identity of the bitsirrelevant for value interpretation.

The BitMint accounting (money) language removes the foundational risk ofcounterfeiting the coin collection, and the operational currency ofstealing money. Payees will OK a payment only if the paid coin wassuccessfully redeemed or exchanged.

All this benefit was achieved by this method where the payload (not justthe metadata) is bearing identity. The ability to write value withidentity-bearing value bits is achieved by a method in which theidentity of the value bits does not play a role in determining the valuewritten with the value bits. This is in sharp contrast to the prevailingmethod where flipping even one bit in the string of value bits willcause a change of the value carried by the value bits.

The very fact that the identity of the value bits do not play a role inexpressing the value of the coin is a door opener to a rich world ofpossibilities. The value bits will be possibly manifested as qubits—bitsexpressed through quantum mechanical technology, which is the future ofcomputing.

The BitMint accounting language offers two unique advantages that renderthis language into the preferred mode of discourse, the most effectiveaccounting jargon for everything finance: (i) splitting, and (ii)tethering

Splitting:

As described we have here a unified language that can express billionseven trillions of dollars as well as any smaller amount—indefinitelysmall. The BitMint accounting language treats money as SAM-ID—splittableaccountable media—indefinitely divisible.

This splitting power and the range of use its covers makes the BitMintaccounting language into an attractive choice. The property of beingindefinitely indivisible is getting more and more important astechnology surrounds us with a growing network of the Internet of Thingswhere devices perform services one to the other, some such services areextremely small and fast and will charge a tiny amount of money thatmust be paid real time. The BitMint accounting language is perfectlysuited for this task.

tethering: Business today works with a myriad of accounts, which areeach tethered to owner, to purpose, and to any logical terms of use. Butwhen an amount of money leaves such an account and resides in anotheraccount then it is up to the new account holder to decide whether tohonor any of these tethered conditions. In other words tethering todayrelies on the chain of trust through which money flows, and is as robustas the weakest link in that chain. Large amounts of money that wereoriginally tethered and restricted escape from this restriction and flowfreely in the economy. Much of it is harmless but then again much of itbecomes a target for abuse. That is because today tethering hooks to theaccount where the money resides, not to the money itself.

The limitation on tethering today is hinged on the fact that the moneyper se is identity-less, it is just a number, and cannot be grabbed,hitched with a tethering restriction. By contrast the BitMint moneylanguage writes the payload bits in an identity-bearing format, so themoney itself can be tethered and the tethering will stick.

But tethering works also because of the claim check configuration ofBitMint money and the centralized minting and redemption center. ABitMint coin will be minted and issued with some tethered requirements.This requirements imply that the coin will not be redeemed if theserequirements are not met. And since it won't be redeemed in violation ofthe tethering requirements then no payee will accept such money.

Identity bearing money allows the money giver to apply terms andconditions to the money after the money has been transferred. Today whenmoney is exchanged as part of a contract, the payer invests a great dealof effort following up, monitoring the use of the money, to insure it isused according to the terms of the contract. But if the terms of thecontract are tethered into the money itself, then the money cannot beused in violation of these tethering, and no follow-up is needed. Adramatic change in how business is conducted.

Through the mechanism of tethering the mint will rise to extendprotection not only to foundational risk but also to operational risk.The simplest mode is ownership assignment.

Ownership assignment: A BitMint digital coin can be assigned to ownerAlice. This ownership assignment will be indicated in the cash register,the ledger kept by the mint. Any one attempting to the redeem that coinor any fraction thereof, will be asked to prove her identity as Alice.The cryptographic means to prove identity and their robustness isanother issue, not the main one here.

This simple ownership tethering will allow anyone to keep all her moneyon her phone. If the phone is lost, she calls the mint, the money on thelost phone is voided, and Alice is issued a new coin of same value.Anyone who finds or who has stolen Alice coin will not be able to redeemit, and hence will not be able to pass it around as payment.

Ownership assignment works per groups too. So a financial institutionwill tie its money to any employee of the bank and not to others.

Ownership tethering may be removed by the rightful owner by simplyexchanging the tethered coin with an untethered coin of samedenomination.

Transfer: Most money movements take advantage of the Internet, and keepconfidential through the power of encryption. Alas, the advent ofquantum computing is a looming threat on the prevailing ciphers, and itrequires a suitable answer.

The BitMint alphabet and language are inherently quantum crypto secure.

Since the payload, P, of a BitMint coin is randomized—the identities ofthe payload bits are randomly determined—then any common symmetriccipher using a key, K, encrypting P to a ciphertext C: C=Enc(P, K), willnot be vulnerable to quantum cryptanalysis or to any crypto analysis.

The above assertion can readily be substantiated. We regard AES, or3DES, and scores of other popular symmetric cipher as ‘commonly used’.These are ciphers where flipping one bit in the cryptographic key willresult in a completely different plaintext when used for decryption.More precisely, decrypting the ciphertext with a randomly selected key(not the one used to generate the ciphertext) will result in a veryrandomized plaintext. Normally the plaintext is textually wellstructured, way off randomness, and that is the basis for thecryptanalytic method known as brute force, where many keys are trieduntil the computed plaintext is a properly structured text. But thisdistinction will not work here, because the encrypted plaintext israndomized not a well structured text.

In other words: a cryptanalyst trying to decrypt C with another keyK′≠K, will yield another payload P′≠P, which in all likelihood will berandomized, and as such be a viable candidate for P (which thecryptanalyst knows is also randomized). Trying with other keys K″, K′″,. . . the cryptanalyst will extract more and more proper candidates forthe payload P and will be unable to distinguish between all thesecandidates.

To make this work it is necessary to encrypt the payload with a separatekey, not the key used to encrypt the metadata of the coin. The twoparties will share a meta data symmetric cipher key, K_(m) and a payloadsymmetric cipher key, K_(p), and make sure that K_(m)≠K_(p).

Some symmetric ciphers generate a ciphertext C of size |C| larger thanthe size of its generating plaintext, P: |C|>|P|. For such ciphers thecryptanalyst will not even know how long the plaintext is.

Trust and Visibility:

Managing money the BitMint way, each coin is tracked by the centralauthority, the mint. The mint could tether each minted coin with a dateof expiration. This will require dark money to come to the surface to beredeemed or to be exchanged with a fresh digital coin. So no longeroodles of hidden stack of cash.

Fair taxation may take place first selecting a taxation rate, thenrandomly selecting coins in the coins database to be slated to be paidto the government as taxation. Thereby no tax cheaters and all moneyholders will pay in proportion to their holdings.

When two strangers enter into a business deal (perhaps cross border)they share mutual mistrust. The buyer is apprehensive about paying andnot getting the merchandise and the seller is worried about sending themerchandise and not getting paid. A human escrow solution is expensive.With the BitMint financial language it is possible for the buyer to sendthe money to the seller but hold off redemption until the buyer sends anOK signal to the mint. In other words the money paid to the seller istethered to the buyer's OK signal, but the seller can verify with themint that the money is good. If buyer and seller fall into disagreementthen the mint will hold the money until a judicial resolution.

Advanced BitMint

The BitMint account language was presented here in its simplest form.The language may be used in sophisticated modes.

We discuss here: (i) BitMint payload technology, (ii) Generalizedfinancial entities, (iii) InterMint, (iv) BitMint-AI

BitMint Payload Technology: The cardinal rule of extracting value fromthe payload bit string is that the identities of the payload bits willnot play any role in determining value.

We discuss payload technology options as follows:

-   1. non-uniform value bits-   2. beyond cash-   3. financial bits

non-uniform value bits: In the examples above the payload wasinterpreted based on a fixed dollar value per payload bit. Thisrestriction may be removed, and expanded so that bit i in the payloadstring comprised of n bits will be valued an arbitrary value v_(i). Andthe value of a substring stretches from a starting bit s, to end bit ewill be worth:

C{s:e}=Σv _(i) . . . for i=s, s+1, . . . e.

This extension has several applications:

-   1. bit value flexibility—BitMint alphabet versatility-   2. compacting payload size-   3. using a fixed size payload string.

BitMint Alphabet Versatility: The BitMint financial alphabet comes withbuilt in size flexibility where identity and brevity are balanced out. Adigital coin, or any financial entity may be written with few lettersbut with a poor manifestation of identity, or it may be written withmore letters (symbols), establishing a stronger identity.

Below we elaborate on the notion of identity.

The challenge to establish cyber identity: For an entity to haveidentity, it must have distinguishing attributes. A cyber entity isuniversally represented as a string of bits. A string of n bits can bewritten 2^(n) ways, and that is the number of distinguishable strings ofthat size (n bits). No more.

If a string S is assigned to represent any non-cyber entity (or anyother cyber entity), and if this particular entity has to bedistinguished among Q other identities, then S has to be comprised of nbits where n≥log₂(Q).

When we wish to assign identities to digital coins (cyber identities)then Q is of an extremely high value. All possible coin exchangedanywhere, anytime is a very big number. When it comes to physical money,then indeed each coin and each banknote have their own identity, but toapply the same standard to the cyber world will be very taxing. Thereason being that physical entities are characterized by an extremelylarge number of attributes (the number was infinite in classicalphysics, and is finite—though very large—in quantum physics). It wouldbe infeasible to mark any dime paid from Joe to Mary with a string Slarge enough to distinguish it from all other coins ever paid.

Instead we can strike a balance, using large enough strings to endowcyber elements with identity—that is not absolute, but sufficientlyuseful.

The BitMint alphabet is designed with this built in flexibility for usto choose between larger strings that provide more identity and smallerstrings that are easier to manage but provide less identity (lesssecurity). The benefit of identity in cyber world is enormous. Itsbenefit when it comes to money is manifold: splitting, tethering,security.

One will need to assess how much splitting, tethering and security isneeded in any given situation, and then decide how much identityspecificity to provide (by deciding how big the BitMint letter used).The BitMint alphabet provides full string size flexibility.

The Range of the BitMint Alphabet: The BitMint alphabet is used toexpress a monetary value in cyber space. Its principle is to insureidentity to any monetary entity. The BitMint alphabet allows for a veryspecific identity or for a less specific identity—the user of thealphabet makes the decision. The BitMint alphabet applies to monetaryentities written as legacy money—account based, and it applies to thenew monetary entity: the digital coin. We call all financial entitiesbearing value digital coins.

Every financial entity of interest has meta data M and a valueindication V. The principle of the BitMint alphabet is to allow thevalue indication V to be of a desired size such that the bigger thesize, the more specified, the more well defined the identity. Alas, thebigger the size, the more there is to store and to communicate, and ingeneral handle.

Every digital coin denominated at some value V can be expressed withpayload of one single bit. The meta data for this coin will indicatethat this bit is worth V. This minimum (or so called “collapsed”) modeis very much like a regular account today: meta data and valueindication, V. The difference is that written in the BitMint languagethere is an extra 1 bit which has “poor” identity based on equivocationof two options, 0, and 1. So the collapsed BitMint mode is practicallyidentical to the common language.

Let t be any positive integer that divides V, and let the coin bewritten with n=V/t bits, each bit is worth V/n, and the identity of thepayload is unique amount 2^(n) options.

The BitMint alphabet extends to infinity: let n=tV, where t=1,2, . . .any positive integer. So n→∞. The coin will then be written with apayload string of n bits, and be large as desired (each bit in theuniform writing will be worth 1/tV.

The BitMint alphabet does not require uniformity. A coin denominated atV can be parceled out to s splits: S₁, S₂, . . . S_(s) in any way, suchthat:

V=S ₁ +S ₂ + . . . S _(s)

Each split i (i=1,2, . . . s) may be represented through t_(i) payloadbits where each such bit is worth S_(i)/t_(i), where t_(i) is anypositive integer for a total count of payload bits:

t ₀ =t ₁ +t ₂ + . . . t _(s)

Note that each t_(i) may be smaller or larger than the correspondingS_(i), and each value t_(i) may be chosen independently from all othert_(j) value, where j=1,2, . . . (i−1),(i+1), . . . .

This flexibility allows for the writer of the BitMint language to decidehow much identity to use versus how compact the script that defines eachdigital coin, or money account.

Fast Fixed Payment: When a crowd is streaming into a theater or astadium they may be asked to pay very fast a fixed admission fee. To dothis a BitMint coin will be comprised of a succession of admission feesplits to be paid instantly when the owner passes through a gate.

Multiple Denomination Coinage: In the physical cash situation peoplewould hold in their wallet some change, some single dollar bills, some10 dollar bills, may be a twenty dollar bill and more. This combinationwould likely allow them to make any payment that comes up to be paid.

A similar strategy can be taken with BitMint digital coins. One can puttogether several denominations, say V₁, V₂, . . . V_(h) (h=1,2, . . . ).Decide, say, that each denomination is payable at a resolution of r_(i)dollars, so that denomination V_(i) will be written as a payload withV_(i)/r_(i) bits, each valued r_(i) dollars. The resolutions will bescaled by order of magnitude (for example), so that:

r _(i)=10*r _(i−1)

thereby allowing wide range of sustained payment.

Zero Level Financial Bits: Assigning the value of a payload bit to beequal to zero, seems useless at first glance. Yet, it has utility asfollows: 1. fixed size payload applications 2. authentication delegationpurposes 3. accounting purposes 4. cryptographic purposes

Fixed size payload applications: From a computer programming standpointthere is a clear advantage to have a fixed size payload string. Normallyit is impossible because the bit count reflects the value of the coin.However, we may agree on a limit of r bits per each coin in the domain.We will then fit a BitMint digital coin of size t≤r bits in a space thatis built from memory locations for r bits and then in the meta dataassign zero bit value for the (r−t) that do not represent money.

authenticated delegation purposes: The BitMint money language has theoption to delegate authentication authority. This option is based oncareful minor flipping of some payload bits. Zero value bits will fitnicely into this purpose.

accounting purposes: A coin holder has several ways to mark for herselfthat a split of a given coin has been paid out, so that it would not bepaid again: 1. erase the value bits 2. replace bit value indication withzero value 3. double representation of the payload bits

Once erased the value bits cannot be repaid. Once the respective bitvalues are set to zero, the value bits can be re paid but without value.The payload bits may each be represented with two bits: one indicatesbit identity, and one indicates bit status (paid, or not yet paid).

cryptographic purposes: In some applications the payload string can beused as a cryptographic key and it may need the extra flexibilityafforded with zero value payload bits. Typically when the required keyis larger than the payload string.

Negative Value Bits: A payor who passes a negative coin to a payee isimposing on the payee a demand for payment. A payee accepting thisnegative coin, acknowledges the liability. Negative coin are aneffective mechanism to arrange for a loan, for example. The lenderpasses a positive coin denominated as V to a borrower, and in parallelpasses to him a negative coin in the amount of V+u, payable at a futurespecified time point p. When the payee sends back to the payor anacknowledgement of having received both coins, the deal is done.

The negative coin will be structured like the positive one only that thevalues of the payload value bits will be negative.

One could compose a coin from positive bits (money available to bespent) and negative value bits (demand for payment). The coin in theexample above can include the loan and the demand for payment in onecoin passed from the loan extender to the borrower.

For example: a loan of $1000, to be paid a year ahead for $1100 can bewritten as follow:

First 100 payload bit marked as $10/bit, followed by 110 bits marked by−$10/bit, where the meta data indicates a date certain when the pay backis due. The coin is comprised of 210 payload bits, given from the moneygiver to the borrower. The borrower may then sign the coincryptographically indicating acceptance of both the $1000 cash,expendable right away, and the commitment to pay the lender the sum of$1100 when the time comes.

It is noteworthy that both the loaned money and the accepted obligationare generally payable, transferable to others.

compacting payload size: A digital coin of value, v, written uniformlyat a $t/bits, will require n=v/t payload bits. In order to make the coinsplittable at a target resolution of q$, it is necessary to equatet=q/g, where g is the minimum number of payload bits in a coin, suchthat the chance of guessing the identity of the coin (1/2^(g)) will bejudged low enough.

This limitation may call for a rather large payload. For example for acoin denominated as $10,000, to be payable at a resolution of q=$0.1,one may choose g=6 (so the chance of guessing the identity of the coinis 1/64), and hence t=0.1/6=0.01666, and hence: n=10000/0.01666=600,000,about 60 Mbytes of payload.

There is a possibility to compact a digital coin, to prepare it for anysplit. This can be done by assigning:

v _(i) =v _(i+1) = . . . v _(i+g−1)=(1/g)*2^(i/g)

for i=1, g+1, 2g+1, . . . to n−g.

This coin value will be:

V_(coin)=Σv_(i) . . . for i=1 to n

This way a coin of value V will have n=g*log(V) bits. n may need to berounded up. For the example above, n=6*log₂(10,000)=78 bits. which is600000/78=7,692 times smaller.

This compact coin will be able to pay any sum up to its total by passingout several digital coins each comprised of at least g bits.

Another example: A coin of value V=$255. Using g=4. Then n=4Log₂(255)=32bits (the length of 4 ASCII characters) in the payload are worth asfollows:

0.25 0.25 0.25 0.25 0.5 0.5 0.5 0.5 1 1 1 1 2 2 2 2 4 4 4 4 8 8 8 8 1616 16 16 32 32 32 32

Note: for a coin of arbitrary value of the highest value bit will beproperly adjusted. So if in this example we had V=250, then the last bitwould have been worth 27 not 32.

The total value is:

0.25+0.25+0.25+0.25+0.5+0.5+0.5+0.5+1+1+1+1+2+2+2+2+4+4+4+4+8+8+8+8+16+16+16+16+32+32+32+32=255

Any sum of round dollars, up to $255 can be paid exactly For example topay the sum of $149 the payment will be combined from 4 digital coinscoin 1 (s=1): 0.25 0.25 0.25 0.25, coin 2 (s=9): 1 1 1 1, coin 3 (s=17):4 4 4 4, coin 4 (s=29): 32 32 32 32.

The value s indicates the bit count in the pre-split coin from where tocount each split coin.

These coins are worth: coin 1: 1, coin 2: 4, coin 3: 16, coin 4: 128,which sum up to $149. All coins share the same meta data.

The payloads of the respective coin could be:

coin 1: 0011, coin 2: 1110, coin 3: 0000, coin 4=1001

or perhaps: coin 1: 1001, coin 2: 1010, coin 3: 0110, coin 4=0001 Each 4bits coins has 2⁴=16 identities to choose from.

It is important to note that the value g, which in this example wasuniform for all splits, does not have to be uniform. Coins of highervaluation may be set with a higher g value to provide more securityagainst wild guessing of identity.

The formula above can be adjusted accordingly:

v _(i) =v _(i+1) = . . . v _(i+gi−1)=(1/g _(i))*2^(i/g) _(i)

for i=1, g₁+1, 2g₂+1, . . . to n−g.

where. for example g_(i)=g₀+3i.

This coin value will be:

V _(coin) =Σv _(i) . . . for i=1 to n

A coin that is prepared in this compact form will be able to make anyexact payment up to its full value—but only once. The remaining coinwill not have this property. Its holder will have to exchange it at themint against compact coin of the same value.

A compact coin of value V written in compact form: V_(c), can pay anyvalue X where 0<X≤V. (at a preset minimum resolution). But the coin leftwith the owner, worth (V−X) will have to be exchanged with the mint,against a coin of same value which again is compact: (V−X)→(V−X)_(c).

Beyond Cash: The BitMint alphabet can be used with entities other thanraw money. They will apply to anything of value. The essence of theBitMint alphabet is communication of value and trust. It applies to anycommunity where trust and values are exchanged. In particular to anyentity of value which needs accountability, and which is splittable. Itapplies to debt, (as we have seen with negative value bits) and tocredit, to investment instruments, and to non-monetary elements of value(like right of admission to a gated place).

Beyond the transfer of value the BitMint language may be applied togeneral SAM-ID entities where the prime purpose is accountability. Forexample, one may use the BitMint language to keep track of radioactivematerials as it is distributed in a laboratory. It is accountable, it issplittable. Any new radioactive material that is brought to theorganization, will enter through the SAM-ID mint, and a BitMint claimcheck will be issued for it, with owner assigned. When the owner splitsthe radioactive stock in her possession and passes a portion thereof toa second owner, she passes the split claim check. This splitting andpassing continues iteratively. At any arbitrary point of time the SAM-IDmint will requires all radio active material holders to refresh theirclaim checks. This will allow the mint to make sure that all theradioactive material is accountable. If any radioactive material is notrefreshed or if two claimants refresh the same split, then this is acase to be investigated. Any radioactive material that is disposed outof the organization is marked as ‘dead’. The BitMint language here worksthe same as for money, although no money is managed.

Financial Bits:

The string of bits in the payload string is replaced with a string ofdigital entities called financial bits (FB). The digital coin meta dataincludes indication of value for each of the well ordered financialbits. But because the FB may be an elaborate digital entity, it maycontain non-payload data (FB meta data) which together with the FB valueindication in the coin meta data will determine the value of the FB.

In other words, in the basic payload, the coin meta data has valueindication for every bit in the payload. In the FB mode the coin metadata also has value indication for each FB in the FB string, but theactual value of the FB is determined by combining this coin meta dataindication with the value-impacting parameters in the FB itself (part ofthe FB meta data).

Let FB be a financial bit in a given digital coin. Let v be the valueindication for that FB through the meta data of the digital coin asapplied to the payload bits of the FB (u bits). such that the value ofthe FB V_(FB)=f(v, u).

Example: a digital coin with a payload comprised of three FB: FB₁, FB₂,FB₃. where each FB has 4 value bits—namely 4 bits, the value of whichhas no impact on the value of the FB. Each FB also has a numeric value:u₁, u₂, u₃ for the three FBs respectively. The respective FB-valueswritten in the coin meta data are v₁, v₂, v₃. The value of FB_(i)(i=1,2,3), is computed to be v_(i)*u_(i), and the value of the wholecoin is:

V _(coin) =Σu _(i) *v _(i) . . . for i=1,2,3

A full-fledged digital coin qualifies to serve as financial bit. It hasin it FB payload bits, the identity of which does not impact the valueof the digital coin represented as a FB. And also the FB-digital coinhas meta data that can be used together with the FB value indication inthe coin comprised of FBs, some of them are full fledged digital coinsthemselves.

This coin-within-a-coin mode implies indefinite iteration. Each digitalcoin may be comprised of FBs which are themselves digital coins, whichin turn can be comprised of FBs, and so on.

Example: Let the three FBs in the example above, each be a full fledgeddigital coin: FB_(i)=DC_(i) for i=1,2,3 (DC—digital coin), as follows:

FB₁=DC₁=Meta data: redemption term: OK by supervisor Status: no OK yet,$/bit=$100, payload comprised of 12 bits.

FB₂=DC₂=Meta data: redemption term: date certain Status: date in thefuture, $/bit=$200, payload comprised of 8 bits.

FB₃=DC₃=Meta data: redemption term: used for medical expenses only.Status: claimed by a medical professional, $/bit=$10, payload comprisedof 500 bits.

The coin comprised of three FBs has the following FB values: v₁=$1/FB,v₂=$1/FB, and v₃=#0.8/FB.

The overall value of the coin comprised of three FBs is:

V_(coin)=v₁*[present value of FB₁]+v₂*[present value of FB₂]+v₃*[presentvalue of FB₃]

It turns out that FB₁ has no value because it lacks an OK signal from anidentified supervisor. FB₂ also has no value because it is too early toredeem it. But FB₃ is valid, so the value of the coin is:

V _(coin)=100*0+200*0+0.8*(10*500)=$4000

Generalized Financial Entities: Financial innovation is in full swing,new financial instruments emerge all the time, carving out tools for thepurpose of allocation of credit, sharing risk, and effecting socialprosperity and social justice. The BitMint financial language isdesigned to clearly write down the terms and attributes of any financialinstruments—with clarity and as a basis for analysis, logical evaluationand AI and natural intelligence processing. The same railways, the sameframework that gets cash flowing is optimal to support the dynamics ofany entity in cyber finance.

InterMint: A single mint with a global reach inherently carries the riskof a breakdown with catastrophic consequences. It is therefore advisableto deploy several corresponding but independent mints with veryestablished high capacity communication lines between them so that forthe served public this collection of corresponding mints (to be calledInterMint) appears to operate as if one central mints was in control.

When a trader submits to mint A, a coin minted and issued by mint B,then mint A will pass the request to mint B. If the redemption requestis declined, the decline message goes from mint B to mint A and frommint A to the redeeming trader. If honored, then the redeemed money flowin the same sequence: to the redeemer through mint A.

An issue arises if mints A and B, each uses a different underlyingcurrency to back their digital coins. In that case the correspondencewill require a set exchange rate between the underlying currency U_(a)used by mint A and the underlying currency U_(b) used by mint B. Inorder to prevent disturbing ripples in the money flow it is necessarythat all underlying currencies will have a moment by moment, t, exchangerate, U_(a)(t):U_(b)(t). These exchange rates may be fixed over time ornot, but their values should be the same globally in order to insuresmooth operation of the InterMint.

BitMint-AI: Artificial Intelligence technology will intersect with moneyand payments in two areas: (i) autonomous investing, and (ii) Internetof Things.

Autonomous Investing:

AI agents today are taking in live trading data, processing it real timeand generate investment decisions that must be carried out on the spotlest the terms change. The AI agent will have no time to go though anauthentication dialogue. BitMint money can be put at the disposition ofthe AI agent to be used for on the spot investment. The AI agent will gothrough the coin verification process ahead of time, so that the moneybits flowing from it when an investment is made are accepted as bonafide.

IoT Payment: These payments are of very small sums that need to be paidout very fast. The payee will validate the payor coin, ahead of time.And then, as needed the BitMint payload bits will flow to exercise thepayment. This is theoretically the fastest payment mode. This mode willallow for a network of IoT devices to exercise AI technology to optimizeperformance.

Review

Here is a brief review of this invention: it describes a method tocovert financial statements written as a combination of transactionalattributes and indication of value to a digital coin featuring the sametransactional attributes, while the value of the statement is written asa string of n bits associated with the digital coin meta data includinga value function which indicates a value associated with each of the nbits, such that the sum values of the n bits equals to the indication ofvalue in the converted financial statement; the n bits are regarded aspayload; the value function identifies each of the n bits by their orderin the payload and regardless of their bit identity, {0,1}, the bitidentities is randomized, the randomized expression of the payloadindicates both the value and the identity of the coin; the so writtendigital coins are written in the same way on phone and personalcomputing devices, in store computers, and in banks and other financialinstitutions' databases.

This invented method is further described by digital coins that areassembled into a coin collection regarded as a cash register, and wherethe cash register is associated with operation control software thatprovides security to the coin, control transmission of digital coins toand from the cash register, and erases at least the payload of any cointhat is transferred out of the cash register.

We further specify the method to be one where copies of the digitalcoins are prepared where such copies do not contain the payload, andhence while they carry the same accounting information as the copieddigital coin, these copies are not regarded as money because they don'tcarry the payload.

The invented method can be such wherein the digital coin also includescryptographic parameters guiding the handling of the coins to beconsistent with this cryptographically written guidance which is part ofthe digital coin.

In the invented method the conversion is done via a system called“mint”, and where the mint includes

(i) software that determines how to express the value V of the convertedfinancial statement ton bits, each of an indicated value v(i) for i=1,2. . . n, such that Σv(i) for i=1,2, . . . n will be equal to V:

Σv(i) . . . for i=1,2, . . . n=V;

(ii) a randomization source that determines the {0,1} identities of then bits of the payload, and

(iii) a coin logger into which the software in (i) writes the image ofevery minted coin, and where:

(a) the coin logger comprises a media allowing for write-once,ready-many bit writing, and

(b) the coin logger indicates for every bit of the payload of everycoin, whether this bit is “alive” namely payable, or “dead” namely itwas already paid out, thereby preventing double payment.

The invented method can be further specified where two financialinstitutes or more share the services of a joint mint, and therebyexercise money transmission between them by exchanging BitMint digitalcoins egressing a transmitting cash register and ingressing a receivingcash register.

According to the invented method a financial institute may keep all itsmoney in one central cash register, serving all its parts and branches.Alternatively a financial institute keeps its money in local brancheswhere each local branch has its own cash register.

In this invented method we have a situation where the cash register, theoperation control software, and any portal connected to other elementsthat communicate with the cash register are regarded the cash registersubsystem, CRSS, and where the CRSS is embedded in an embedding systemor it is externally attached to the served system.

An account holder in a financial institution using the invented methodwill move their money from their personal computing device to the theiraccount back and forth, as desired, since the money is written in thesame BitMint digital coin format in both locations; in both locationsthe money is housed in a cash register.

This invention also claims a system reconstructing the traditional cashregister in a digital form, and thereby separating money per se from itsaccounting, and improving the security and accountability of money andother financial instruments, and wherein money is written in a fittingFinancial Language (BitMint financial language) creating a BitMintdigital coin so that value and identity are fused together, and terms ofpayments are cryptographically linked to the money in the cash register;the cash register is associated with a computing device including cashregister operation control software, and the cash register is alsoassociated with ports to communicate financial data and to transmit andreceive the BitMint digital coins, where the assembly of the cashregister, the computing element with the operation control software, andthe communication and transmission ports is regarded as the cashregister subsystem, CRSS, and where CRSS replaces the prevailing systemwhere the accounting system carries the money as a number, but withoutany coin identity.

The invented system may be such where the communication and moneytransmission portals are (i) physical portals, and (ii) electromagneticcommunication portals, for local communication, and (iii)electromagnetic communication portals for participating in a globalnetwork, where any combination of these three types of portals isaccepted.

The invented system can be used where the CRSS is a detachable physicaldevice that is hooked to the system for which it holds money.

What is claimed is:
 1. A method to covert financial statements writtenas a combination of transactional attributes and indication of value toa digital coin featuring the same transactional attributes, while thevalue of the statement is written as a string of n bits associated withthe digital coin meta data including a value function which indicates avalue associated with each of the n bits, such that the sum values ofthe n bits equals to the indication of value in the converted financialstatement; the n bits are regarded as payload; the value functionidentifies each of the n bits by their order in the payload andregardless of their bit identity, {0,1}, the bit identities israndomized, the randomized expression of the payload indicates both thevalue and the identity of the coin; the so written digital coins arewritten in the same way on phone and personal computing devices, instore computers, and in banks and other financial institutions'databases.
 2. The method in claim 1 wherein the digital coins areassembled into a coin collection regarded as a cash register, and wherethe cash register is associated with operation control software thatprovides security to the coin, control transmission of digital coins toand from the cash register, and erases at least the payload of any cointhat is transferred out of the cash register.
 3. The method of claim 1where copies of the digital coins are prepared where such copies do notcontain the payload, and hence while they carry the same accountinginformation as the copied digital coin, these copies are not regarded asmoney because they don't carry the payload.
 4. The method of claim 1wherein the digital coin also includes cryptographic parameters guidingthe handling of the coins to be consistent with this cryptographicallywritten guidance which is part of the digital coin.
 5. The method ofclaim 1 wherein the conversion is done via a system called “mint”, andwhere the mint includes (i) software that determines how to express thevalue V of the converted financial statement to n bits, each of anindicated value v(i) for i=1,2 . . . n, such that Σv(i) for i=1,2, . . .n will be equal to V:Σv(i) . . . for i=1,2, . . . n=V; (ii) a randomization source thatdetermines the {0,1} identities of the n bits of the payload, and (iii)a coin logger into which the software in (i) writes the image of everyminted coin, and where: (a) the coin logger comprises a media allowingfor write-once, ready-many bit writing, and (b) the coin loggerindicates for every bit of the payload of every coin, whether this bitis “alive” namely payable, or “dead” namely it was already paid out,thereby preventing double payment.
 6. The method of claim 1 where twofinancial institutes or more share the services of a joint mint, andthereby exercise money transmission between them by exchanging BitMintdigital coins egressing a transmitting cash register and entering areceiving cash register.
 7. The method of claim 1 where a financialinstitute keeps all its money in one central cash register, serving allits parts and branches.
 8. The method of claim 1 where a financialinstitute keeps its money in local branches where each local branch hasits own cash register.
 9. The method of claim 2 where the cash register,the operation control software, and any portal connected to otherelements that communicate with the cash register are regarded the cashregister subsystem, CRSS, and where the CRSS is embedded in an embeddingsystem or it is externally attached to the served system.
 10. The methodin claim 1 where an account holder in a financial institution will movetheir money from their personal computing device to the their accountback and forth, as desired, since the money is written in the sameBitMint digital coin format in both locations; in both locations themoney is housed in a cash register.
 11. A system reconstructing thetraditional cash register in a digital form, and thereby separatingmoney per se from its accounting, and improving the security andaccountability of money and other financial instruments, and whereinmoney is written in a fitting Financial Language (BitMint financiallanguage) creating a BitMint digital coin so that value and identity arefused together, and terms of payments are cryptographically linked tothe money in the cash register; the cash register is associated with acomputing device including cash register operation control software, andthe cash register is also associated with ports to communicate financialdata and to transmit and receive the BitMint digital coins, where theassembly of the cash register, the computing element with the operationcontrol software, and the communication and transmission ports isregarded as the cash register subsystem, CRSS, and where CRSS replacesthe prevailing system where the accounting system carries the money as anumber, but without any coin identity.
 12. The system in claim 11 wherethe communication and money transmission portals are (i) physicalportals, and (ii) electromagnetic communication portals, for localcommunication, and (iii) electromagnetic communication portals forparticipating in a global network, where any combination of these threetypes of portals is accepted.
 13. The system in claim 11 where the CRSSis a detachable physical device that is hooked to the system for whichit holds money.